From 6cced538abd4f8053c009b163efa8c6d568b9580 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Thu, 9 Sep 2010 17:07:22 +0200 Subject: Improved certificate extension handling Added the functionality so that the verification fun will be called when a certificate is considered valid by the path validation to allow access to eachs certificate in the path to the user application. Removed clause that only check that a extension is not critical, it does alter the verification rusult only withholds information from the application. Try to verify subject-AltName, if unable to verify it let application try. --- lib/ssl/test/ssl_basic_SUITE.erl | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'lib/ssl/test/ssl_basic_SUITE.erl') diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl index 1e96880801..3cb9337775 100644 --- a/lib/ssl/test/ssl_basic_SUITE.erl +++ b/lib/ssl/test/ssl_basic_SUITE.erl @@ -2860,7 +2860,9 @@ unknown_server_ca_fail(Config) when is_list(Config) -> FunAndState = {fun(_,{bad_cert, _} = Reason, _) -> {fail, Reason}; (_,{extension, _}, UserState) -> - {unknown, UserState} + {unknown, UserState}; + (_, valid, UserState) -> + {valid, UserState} end, []}, Client = ssl_test_lib:start_client_error([{node, ClientNode}, {port, Port}, @@ -2926,7 +2928,9 @@ unknown_server_ca_accept_verify_peer(Config) when is_list(Config) -> (_,{bad_cert, _} = Reason, _) -> {fail, Reason}; (_,{extension, _}, UserState) -> - {unknown, UserState} + {unknown, UserState}; + (_, valid, UserState) -> + {valid, UserState} end, []}, Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port}, @@ -3095,7 +3099,7 @@ session_cache_process_mnesia(suite) -> session_cache_process_mnesia(Config) when is_list(Config) -> session_cache_process(mnesia,Config). -session_cache_process(Type,Config) when is_list(Config) -> +session_cache_process(_Type,Config) when is_list(Config) -> reuse_session(Config). init([Type]) -> -- cgit v1.2.3