aboutsummaryrefslogtreecommitdiffstats
path: root/lib/public_key/include/public_key.hrl
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2010-09-09 17:07:22 +0200
committerIngela Anderton Andin <[email protected]>2010-09-10 12:16:34 +0200
commit6cced538abd4f8053c009b163efa8c6d568b9580 (patch)
tree20bd2188463ef85a9af163355f4da6bdaccd0e7a /lib/public_key/include/public_key.hrl
parentfb29cd6c08a77778fdf7258f5682108e46fe26af (diff)
downloadotp-6cced538abd4f8053c009b163efa8c6d568b9580.tar.gz
otp-6cced538abd4f8053c009b163efa8c6d568b9580.tar.bz2
otp-6cced538abd4f8053c009b163efa8c6d568b9580.zip
Improved certificate extension handling
Added the functionality so that the verification fun will be called when a certificate is considered valid by the path validation to allow access to eachs certificate in the path to the user application. Removed clause that only check that a extension is not critical, it does alter the verification rusult only withholds information from the application. Try to verify subject-AltName, if unable to verify it let application try.
Diffstat (limited to 'lib/public_key/include/public_key.hrl')
-rw-r--r--lib/public_key/include/public_key.hrl6
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/public_key/include/public_key.hrl b/lib/public_key/include/public_key.hrl
index 82681502ab..a16eb10fe6 100644
--- a/lib/public_key/include/public_key.hrl
+++ b/lib/public_key/include/public_key.hrl
@@ -31,8 +31,10 @@
-define(DEFAULT_VERIFYFUN,
{fun(_,{bad_cert, _} = Reason, _) ->
{fail, Reason};
- (_,{extension, _}, UserState) ->
- {unknown, UserState}
+ (_,{extension, _}, UserState) ->
+ {unknown, UserState};
+ (_, valid, UserState) ->
+ {valid, UserState}
end, []}).
-record(path_validation_state, {