Commit 525d9a3c authored by Ted Zlatanov's avatar Ted Zlatanov

gnutls.c (Fgnutls_boot): Fix case of :verify-error = t.

parent adbfe42c
2014-03-17 Teodor Zlatanov <tzz@lifelogs.com>
* gnutls.c (Fgnutls_boot): Fix case of :verify-error = t.
2014-03-16 Eli Zaretskii <eliz@gnu.org>
* search.c (find_newline): Speed up the function when using the
......
......@@ -786,6 +786,7 @@ one trustfile (usually a CA bundle). */)
{
int ret = GNUTLS_E_SUCCESS;
int max_log_level = 0;
bool verify_error_all = 0;
gnutls_session_t state;
gnutls_certificate_credentials_t x509_cred = NULL;
......@@ -825,8 +826,14 @@ one trustfile (usually a CA bundle). */)
verify_error = Fplist_get (proplist, QCgnutls_bootprop_verify_error);
prime_bits = Fplist_get (proplist, QCgnutls_bootprop_min_prime_bits);
if (NILP (Flistp (verify_error)))
error ("gnutls-boot: invalid :verify_error parameter (not a list)");
if (EQ (verify_error, Qt))
{
verify_error_all = 1;
}
else if (NILP (Flistp (verify_error)))
{
error ("gnutls-boot: invalid :verify_error parameter (not a list)");
}
if (!STRINGP (hostname))
error ("gnutls-boot: invalid :hostname parameter (not a string)");
......@@ -1071,7 +1078,8 @@ one trustfile (usually a CA bundle). */)
if (peer_verification != 0)
{
if (!NILP (Fmember (QCgnutls_bootprop_trustfiles, verify_error)))
if (verify_error_all
|| !NILP (Fmember (QCgnutls_bootprop_trustfiles, verify_error)))
{
emacs_gnutls_deinit (proc);
error ("Certificate validation failed %s, verification code %d",
......@@ -1120,7 +1128,8 @@ one trustfile (usually a CA bundle). */)
if (!fn_gnutls_x509_crt_check_hostname (gnutls_verify_cert, c_hostname))
{
if (!NILP (Fmember (QCgnutls_bootprop_hostname, verify_error)))
if (verify_error_all
|| !NILP (Fmember (QCgnutls_bootprop_hostname, verify_error)))
{
fn_gnutls_x509_crt_deinit (gnutls_verify_cert);
emacs_gnutls_deinit (proc);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment