Remove artificial constraint in _gnutls_x509_verify_certificate

Tomas Mraz tmraz at redhat.com
Tue Mar 2 21:44:07 CET 2010


Hi,
I was examining the current _gnutls_x509_verify_certificate() code and I
found that the code does not allow unconditionally accepting the site
certificate if it is on the trust list. I think that this is unnecessary
restriction which should be removed.

See the attached patch which removes the restriction.
-- 
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gnutls-2.9.10-sitetrusted.patch
Type: text/x-patch
Size: 1115 bytes
Desc: not available
URL: </pipermail/attachments/20100302/6022d0a4/attachment.bin>


More information about the Gnutls-devel mailing list