diff options
author | Ingela Anderton Andin <[email protected]> | 2015-02-02 10:05:33 +0100 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2015-02-02 10:05:33 +0100 |
commit | edf6a220668d7461044918c10190b41ea7a4891d (patch) | |
tree | 8778e5a9fa167e0a80980ceed8f406486a4fe63c /lib/ssl | |
parent | 6f19eae6d1df8d6892a3f665d3cf38d3cc5359fc (diff) | |
parent | 158447e03d6de6201b4cbb7244e406ea873fa3a3 (diff) | |
download | otp-edf6a220668d7461044918c10190b41ea7a4891d.tar.gz otp-edf6a220668d7461044918c10190b41ea7a4891d.tar.bz2 otp-edf6a220668d7461044918c10190b41ea7a4891d.zip |
Merge branch 'ia/ssl/self-signed-root/OTP-12449' into maint
* ia/ssl/self-signed-root/OTP-12449:
ssl: Remove selfsigned anchor certificate from the certificate chain
Diffstat (limited to 'lib/ssl')
-rw-r--r-- | lib/ssl/src/ssl_certificate.erl | 2 | ||||
-rw-r--r-- | lib/ssl/test/ssl_certificate_verify_SUITE.erl | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/lib/ssl/src/ssl_certificate.erl b/lib/ssl/src/ssl_certificate.erl index 9c0ed181fe..30d224fee2 100644 --- a/lib/ssl/src/ssl_certificate.erl +++ b/lib/ssl/src/ssl_certificate.erl @@ -282,7 +282,7 @@ other_issuer(OtpCert, CertDbHandle) -> handle_path({BinCert, OTPCert}, Path, PartialChainHandler) -> case public_key:pkix_is_self_signed(OTPCert) of true -> - {BinCert, Path}; + {BinCert, lists:delete(BinCert, Path)}; false -> handle_incomplete_chain(Path, PartialChainHandler) end. diff --git a/lib/ssl/test/ssl_certificate_verify_SUITE.erl b/lib/ssl/test/ssl_certificate_verify_SUITE.erl index b7864ba6e7..dab7a941db 100644 --- a/lib/ssl/test/ssl_certificate_verify_SUITE.erl +++ b/lib/ssl/test/ssl_certificate_verify_SUITE.erl @@ -443,7 +443,7 @@ verify_fun_always_run_client(Config) when is_list(Config) -> {unknown, UserState}; (_, valid, [ChainLen]) -> {valid, [ChainLen + 1]}; - (_, valid_peer, [2]) -> + (_, valid_peer, [1]) -> {fail, "verify_fun_was_always_run"}; (_, valid_peer, UserState) -> {valid, UserState} @@ -482,7 +482,7 @@ verify_fun_always_run_server(Config) when is_list(Config) -> {unknown, UserState}; (_, valid, [ChainLen]) -> {valid, [ChainLen + 1]}; - (_, valid_peer, [2]) -> + (_, valid_peer, [1]) -> {fail, "verify_fun_was_always_run"}; (_, valid_peer, UserState) -> {valid, UserState} |