diff options
| author | Ingela Anderton Andin <[email protected]> | 2010-09-22 13:56:31 +0200 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2010-09-24 15:43:34 +0200 |
| commit | 266ea3592e49cc93e69735eea4572e95fedc6a19 (patch) | |
| tree | 79087cd024f9f33563496e61579264c64d031dc6 /lib/public_key/src/public_key.erl | |
| parent | 17224a3d31d25ce6daa4de63b52b26bee9564bcd (diff) | |
| download | otp-266ea3592e49cc93e69735eea4572e95fedc6a19.tar.gz otp-266ea3592e49cc93e69735eea4572e95fedc6a19.tar.bz2 otp-266ea3592e49cc93e69735eea4572e95fedc6a19.zip | |
Backwards compatibility
Changed implementation to retain backwards compatibility for old
option {verify, 0} that shall be equivalent to {verify, verify_none},
also separate the cases unknown CA and selfsigned peer cert, and
restored return value of deprecated function public_key:pem_to_der/1.
Diffstat (limited to 'lib/public_key/src/public_key.erl')
| -rw-r--r-- | lib/public_key/src/public_key.erl | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl index 9c7817fa8e..902e9ad3c0 100644 --- a/lib/public_key/src/public_key.erl +++ b/lib/public_key/src/public_key.erl @@ -437,7 +437,7 @@ pkix_normalize_name(Issuer) -> pubkey_cert:normalize_general_name(Issuer). %%-------------------------------------------------------------------- --spec pkix_path_validation(der_encoded()| #'OTPCertificate'{} | unknown_ca, +-spec pkix_path_validation(der_encoded()| #'OTPCertificate'{} | atom(), CertChain :: [der_encoded()] , Options :: list()) -> {ok, {PublicKeyInfo :: term(), @@ -445,11 +445,11 @@ pkix_normalize_name(Issuer) -> {error, {bad_cert, Reason :: term()}}. %% Description: Performs a basic path validation according to RFC 5280. %%-------------------------------------------------------------------- -pkix_path_validation(unknown_ca, [Cert | Chain], Options0) -> +pkix_path_validation(PathErr, [Cert | Chain], Options0) when is_atom(PathErr)-> {VerifyFun, Userstat0} = proplists:get_value(verify_fun, Options0, ?DEFAULT_VERIFYFUN), Otpcert = pkix_decode_cert(Cert, otp), - Reason = {bad_cert, unknown_ca}, + Reason = {bad_cert, PathErr}, try VerifyFun(Otpcert, Reason, Userstat0) of {valid, Userstate} -> Options = proplists:delete(verify_fun, Options0), @@ -576,7 +576,7 @@ sized_binary(List) -> %%-------------------------------------------------------------------- pem_to_der(CertSource) -> {ok, Bin} = file:read_file(CertSource), - pubkey_pem:decode(Bin). + {ok, pubkey_pem:decode(Bin)}. decode_private_key(KeyInfo) -> decode_private_key(KeyInfo, no_passwd). |