procyberian/emacs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

gnutls.c (Fgnutls_boot): Fix case of :verify-error = t.

Browse source
This commit is contained in:
Ted Zlatanov 2014-03-17 17:29:56 -04:00
parent adbfe42cd9
commit 525d9a3cec
2 changed files with 17 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/ChangeLog
View file

@ -1,3 +1,7 @@
2014-03-17 Teodor Zlatanov <tzz@lifelogs.com>
* gnutls.c (Fgnutls_boot): Fix case of :verify-error = t.
2014-03-16 Eli Zaretskii <eliz@gnu.org>
* search.c (find_newline): Speed up the function when using the

17
src/gnutls.c
View file

@ -786,6 +786,7 @@ one trustfile (usually a CA bundle). */)
{
int ret = GNUTLS_E_SUCCESS;
int max_log_level = 0;
bool verify_error_all = 0;
gnutls_session_t state;
gnutls_certificate_credentials_t x509_cred = NULL;
@ -825,8 +826,14 @@ one trustfile (usually a CA bundle). */)
verify_error = Fplist_get (proplist, QCgnutls_bootprop_verify_error);
prime_bits = Fplist_get (proplist, QCgnutls_bootprop_min_prime_bits);
if (NILP (Flistp (verify_error)))
error ("gnutls-boot: invalid :verify_error parameter (not a list)");
if (EQ (verify_error, Qt))
{
verify_error_all = 1;
}
else if (NILP (Flistp (verify_error)))
{
error ("gnutls-boot: invalid :verify_error parameter (not a list)");
}
if (!STRINGP (hostname))
error ("gnutls-boot: invalid :hostname parameter (not a string)");
@ -1071,7 +1078,8 @@ one trustfile (usually a CA bundle). */)
if (peer_verification != 0)
{
if (!NILP (Fmember (QCgnutls_bootprop_trustfiles, verify_error)))
if (verify_error_all
|| !NILP (Fmember (QCgnutls_bootprop_trustfiles, verify_error)))
{
emacs_gnutls_deinit (proc);
error ("Certificate validation failed %s, verification code %d",
@ -1120,7 +1128,8 @@ one trustfile (usually a CA bundle). */)
if (!fn_gnutls_x509_crt_check_hostname (gnutls_verify_cert, c_hostname))
{
if (!NILP (Fmember (QCgnutls_bootprop_hostname, verify_error)))
if (verify_error_all
|| !NILP (Fmember (QCgnutls_bootprop_hostname, verify_error)))
{
fn_gnutls_x509_crt_deinit (gnutls_verify_cert);
emacs_gnutls_deinit (proc);