[gnutls-devel] Bugfixes for certificate lists
tim.kosse at filezilla-project.org
Wed Jul 27 23:56:17 CEST 2016
could I please get some feedback on these patches?
On 2016-07-09 13:05, Tim Kosse wrote:
> for small certificate lists, gnutls_x509_crt_list_import2 is ignoring
> the GNUTLS_X509_CRT_LIST_SORT and GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED
> As result, gnutls-cli-debug incorrectly reports a server's certificate
> chain order as sorted even if it isn't.
> I've also fixed the documentation of gnutls_certificate_get_peers, the
> list it returns isn't actually sorted.
> I wonder, should we add a function that makes it easier to obtain a
> sorted peer certificate list (or an error if it cannot be sorted)?
More information about the Gnutls-devel