diff options
author | Ingela Anderton Andin <[email protected]> | 2010-09-09 17:07:22 +0200 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2010-09-10 12:16:34 +0200 |
commit | 6cced538abd4f8053c009b163efa8c6d568b9580 (patch) | |
tree | 20bd2188463ef85a9af163355f4da6bdaccd0e7a /lib/public_key/include/public_key.hrl | |
parent | fb29cd6c08a77778fdf7258f5682108e46fe26af (diff) | |
download | otp-6cced538abd4f8053c009b163efa8c6d568b9580.tar.gz otp-6cced538abd4f8053c009b163efa8c6d568b9580.tar.bz2 otp-6cced538abd4f8053c009b163efa8c6d568b9580.zip |
Improved certificate extension handling
Added the functionality so that the verification fun will be called
when a certificate is considered valid by the path validation to allow
access to eachs certificate in the path to the user application.
Removed clause that only check that a extension is not critical,
it does alter the verification rusult only withholds information from
the application.
Try to verify subject-AltName, if unable to verify it let
application try.
Diffstat (limited to 'lib/public_key/include/public_key.hrl')
-rw-r--r-- | lib/public_key/include/public_key.hrl | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/public_key/include/public_key.hrl b/lib/public_key/include/public_key.hrl index 82681502ab..a16eb10fe6 100644 --- a/lib/public_key/include/public_key.hrl +++ b/lib/public_key/include/public_key.hrl @@ -31,8 +31,10 @@ -define(DEFAULT_VERIFYFUN, {fun(_,{bad_cert, _} = Reason, _) -> {fail, Reason}; - (_,{extension, _}, UserState) -> - {unknown, UserState} + (_,{extension, _}, UserState) -> + {unknown, UserState}; + (_, valid, UserState) -> + {valid, UserState} end, []}). -record(path_validation_state, { |