diff options
| author | Ingela Anderton Andin <[email protected]> | 2017-01-27 10:27:26 +0100 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2017-01-27 10:27:26 +0100 |
| commit | 2735f415510cf260258e092c0f3e4070a00fc06d (patch) | |
| tree | 8837c7b1157616c6af444e9d528f8f24680e0d5f /lib/ssl/src/ssl_certificate.erl | |
| parent | 5cce2a35e902e2fd82ae488a74dd0dd08f3f4b20 (diff) | |
| parent | 63504a78d0547845b6cdea57251db7dc35ae1515 (diff) | |
| download | otp-2735f415510cf260258e092c0f3e4070a00fc06d.tar.gz otp-2735f415510cf260258e092c0f3e4070a00fc06d.tar.bz2 otp-2735f415510cf260258e092c0f3e4070a00fc06d.zip | |
Merge branch 'ingela/ssl/key-ext-validate/ERL-338/OTP-14141' into maint
* ingela/ssl/key-ext-validate/ERL-338/OTP-14141:
ssl: The certificate path may be used as a source to find intermediate CAs for the CRL
ssl: Handle more than one DistributionPoint
ssl: Correct ssl_certificate:validate/3
Diffstat (limited to 'lib/ssl/src/ssl_certificate.erl')
| -rw-r--r-- | lib/ssl/src/ssl_certificate.erl | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/lib/ssl/src/ssl_certificate.erl b/lib/ssl/src/ssl_certificate.erl index f359655d85..8aa2aa4081 100644 --- a/lib/ssl/src/ssl_certificate.erl +++ b/lib/ssl/src/ssl_certificate.erl @@ -125,21 +125,21 @@ file_to_crls(File, DbHandle) -> %% Description: Validates ssl/tls specific extensions %%-------------------------------------------------------------------- validate(_,{extension, #'Extension'{extnID = ?'id-ce-extKeyUsage', - extnValue = KeyUse}}, {Role, _,_, _, _}) -> + extnValue = KeyUse}}, UserState = {Role, _,_, _, _}) -> case is_valid_extkey_usage(KeyUse, Role) of true -> - {valid, Role}; + {valid, UserState}; false -> {fail, {bad_cert, invalid_ext_key_usage}} end; -validate(_, {extension, _}, Role) -> - {unknown, Role}; +validate(_, {extension, _}, UserState) -> + {unknown, UserState}; validate(_, {bad_cert, _} = Reason, _) -> {fail, Reason}; -validate(_, valid, Role) -> - {valid, Role}; -validate(_, valid_peer, Role) -> - {valid, Role}. +validate(_, valid, UserState) -> + {valid, UserState}; +validate(_, valid_peer, UserState) -> + {valid, UserState}. %%-------------------------------------------------------------------- -spec is_valid_key_usage(list(), term()) -> boolean(). |