[gnutls-devel] GnuTLS | WIP: AIA callback to retrieve missing chain certificates (!1262)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Sat May 30 19:35:00 CEST 2020
Daiki Ueno commented on a discussion on lib/x509/verify.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1262#note_352341394
> issuer = find_issuer(cert, trusted_cas, tcas_size);
>
> + if (issuer == NULL) {
> + if (tlist != NULL && tlist->issuer_callback != NULL) {
> + _gnutls_debug_log("Missing issuer callback set.\n");
> + ret = gnutls_x509_crt_init(&issuer);
> + if (ret < 0) {
> + _gnutls_debug_log("gnutls_x509_crt_init: %s\n", gnutls_strerror(ret));
> + gnutls_assert();
> + issuer = NULL;
> + }
> +
> + /* missing issuer is populated by the callback */
> + ret = tlist->issuer_callback(tlist, cert, issuer);
> + if (ret < 0) {
> + /* if the callback fails, continue as though the callback
Yes, and isn't that the case already (as long as the terminal or editor renders a tab as 8 spaces)? I rely on Emacs for that job so that such mistakes do not come in.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1262#note_352341394
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200530/1acf64b2/attachment.html>
More information about the Gnutls-devel
mailing list