comparison: libpurple/plugins/ssl/ssl-gnutls.c
libpurple/plugins/ssl/ssl-gnutls.c
- branch
- soc.2007.certmgr
- changeset 19359
- 8961d49b1b87
- parent 19356
- 65dacaaad968
- child 19494
- c9ee38003eb6
equal
deleted
inserted
replaced
| 19358:b5ef5441e2a7 | 19359:8961d49b1b87 |
|---|---|
| 695 } | 695 } |
| 696 | 696 |
| 697 /* Now, check the signature */ | 697 /* Now, check the signature */ |
| 698 /* The second argument is a ptr to an array of "trusted" issuer certs, | 698 /* The second argument is a ptr to an array of "trusted" issuer certs, |
| 699 but we're only using one trusted one */ | 699 but we're only using one trusted one */ |
| 700 ret = gnutls_x509_crt_verify(crt_dat, &issuer_dat, 1, 0, &verify); | 700 ret = gnutls_x509_crt_verify(crt_dat, &issuer_dat, 1, |
| 701 /* Permit signings by X.509v1 certs | |
| 702 (Verisign and possibly others have | |
| 703 root certificates that predate the | |
| 704 current standard) */ | |
| 705 GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT, | |
| 706 &verify); | |
| 701 | 707 |
| 702 if (ret != 0) { | 708 if (ret != 0) { |
| 703 purple_debug_error("gnutls/x509", | 709 purple_debug_error("gnutls/x509", |
| 704 "Attempted certificate verification caused a GnuTLS error code %d. I will just say the signature is bad, but you should look into this.\n", ret); | 710 "Attempted certificate verification caused a GnuTLS error code %d. I will just say the signature is bad, but you should look into this.\n", ret); |
| 705 return FALSE; | 711 return FALSE; |
