[gnutls-devel] GnuTLS | WIP: AIA callback to retrieve missing chain certificates (!1262)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Sat May 30 18:05:49 CEST 2020
Daiki Ueno commented on a discussion on lib/x509/verify.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1262#note_352326308
> + _gnutls_debug_log("gnutls_x509_crt_init: %s\n", gnutls_strerror(ret));
> + gnutls_assert();
> + MARK_INVALID(GNUTLS_CERT_SIGNER_NOT_FOUND);
> + goto cleanup;
> + }
> +
> + /* missing issuer is populated by the callback */
> + ret = tlist->issuer_callback(tlist, cert, issuer);
> + if (ret < 0) {
> + /* if the callback fails, continue as though the callback
> + * wasn't invoked i.e issuer remains NULL */
> + gnutls_x509_crt_deinit(issuer);
> + gnutls_assert();
> + issuer = NULL;
> + } else
> + issuer_deinit = true;
Well, no. It will be `free`'ed if you call `gnutls_x509_trust_list_deinit` with `all` argument set to 1.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1262#note_352326308
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200530/facb5739/attachment.html>
More information about the Gnutls-devel
mailing list