Merge branch 'ia/ssl/partial_chain/OTP-12149' into maint

* ia/ssl/partial_chain/OTP-12149: ssl: One more workaround as tcp has no delivery gurantee on application level ssl: Prepare for release - soft upgrade ssl, public_key: Add new option partial_chain
author: Ingela Anderton Andin <[email protected]> 2014-09-10 11:34:58 +0200
committer: Ingela Anderton Andin <[email protected]> 2014-09-10 11:34:58 +0200
commit: 8ef77b62d98b25bc9a66c61336ca62941803c09b (patch)
tree: bda71a1b4a4ed8295630ee7a66b2b6b8f26187ae /lib/ssl/src/ssl_handshake.erl
parent: daa9e1a0d97612f6689685e5a597375ceb9e7b81 (diff)
parent: 597e0525d223769991bde1a5b254e2170b2b1dc9 (diff)
download: otp-8ef77b62d98b25bc9a66c61336ca62941803c09b.tar.gz
otp-8ef77b62d98b25bc9a66c61336ca62941803c09b.tar.bz2
otp-8ef77b62d98b25bc9a66c61336ca62941803c09b.zip
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl
index 94ffd180c5..22673e46e2 100644
--- a/lib/ssl/src/ssl_handshake.erl
+++ b/lib/ssl/src/ssl_handshake.erl
@@ -49,7 +49,7 @@
 	 finished/5,  next_protocol/1]).
 
 %% Handle handshake messages
--export([certify/7, client_certificate_verify/6, certificate_verify/6, verify_signature/5,
+-export([certify/8, client_certificate_verify/6, certificate_verify/6, verify_signature/5,
 	 master_secret/5, server_key_exchange_hash/2, verify_connection/6,
 	 init_handshake_history/0, update_handshake_history/2, verify_server_key/5
 	]).
@@ -383,13 +383,13 @@ verify_signature(_Version, Hash, {HashAlgo, ecdsa}, Signature,
 
 %%--------------------------------------------------------------------
 -spec certify(#certificate{}, db_handle(), certdb_ref(), integer() | nolimit,
-	      verify_peer | verify_none, {fun(), term},
+	      verify_peer | verify_none, {fun(), term}, fun(),
 	      client | server) ->  {der_cert(), public_key_info()} | #alert{}.
 %%
 %% Description: Handles a certificate handshake message
 %%--------------------------------------------------------------------
 certify(#certificate{asn1_certificates = ASN1Certs}, CertDbHandle, CertDbRef,
-	MaxPathLen, _Verify, VerifyFunAndState, Role) ->
+	MaxPathLen, _Verify, VerifyFunAndState, PartialChain, Role) ->
     [PeerCert | _] = ASN1Certs,
 
     ValidationFunAndState =
@@ -421,7 +421,7 @@ certify(#certificate{asn1_certificates = ASN1Certs}, CertDbHandle, CertDbRef,
 
     try
 	{TrustedErlCert, CertPath}  =
-	    ssl_certificate:trusted_cert_and_path(ASN1Certs, CertDbHandle, CertDbRef),
+	    ssl_certificate:trusted_cert_and_path(ASN1Certs, CertDbHandle, CertDbRef, PartialChain),
 	case public_key:pkix_path_validation(TrustedErlCert,
 					      CertPath,
 					     [{max_path_length,
author	Ingela Anderton Andin <[email protected]>	2014-09-10 11:34:58 +0200
committer	Ingela Anderton Andin <[email protected]>	2014-09-10 11:34:58 +0200
commit	8ef77b62d98b25bc9a66c61336ca62941803c09b (patch)
tree	bda71a1b4a4ed8295630ee7a66b2b6b8f26187ae /lib/ssl/src/ssl_handshake.erl
parent	daa9e1a0d97612f6689685e5a597375ceb9e7b81 (diff)
parent	597e0525d223769991bde1a5b254e2170b2b1dc9 (diff)
download	otp-8ef77b62d98b25bc9a66c61336ca62941803c09b.tar.gz otp-8ef77b62d98b25bc9a66c61336ca62941803c09b.tar.bz2 otp-8ef77b62d98b25bc9a66c61336ca62941803c09b.zip