Improve comments
This commit is contained in:
parent
ee98109af5
commit
9107b5fdd3
2 changed files with 5 additions and 1 deletions
|
@ -2310,7 +2310,9 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
|
||||||
}
|
}
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
/* prevent misuse of the vrfy callback */
|
/* prevent misuse of the vrfy callback - VERIFY_FAILED would be ignored by
|
||||||
|
* the SSL module for authmode optional, but non-zero return from the
|
||||||
|
* callback means a fatal error so it shouldn't be ignored */
|
||||||
if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
|
if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
|
||||||
ret = MBEDTLS_ERR_X509_FATAL_ERROR;
|
ret = MBEDTLS_ERR_X509_FATAL_ERROR;
|
||||||
|
|
||||||
|
|
|
@ -2103,6 +2103,8 @@ run_test "Authentication: client no cert, ssl3" \
|
||||||
-C "! mbedtls_ssl_handshake returned" \
|
-C "! mbedtls_ssl_handshake returned" \
|
||||||
-S "X509 - Certificate verification failed"
|
-S "X509 - Certificate verification failed"
|
||||||
|
|
||||||
|
# The "max_int chain" tests assume that MAX_INTERMEDIATE_CA is set to its
|
||||||
|
# default value (8)
|
||||||
run_test "Authentication: server max_int chain, client default" \
|
run_test "Authentication: server max_int chain, client default" \
|
||||||
"$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
|
"$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
|
||||||
key_file=data_files/dir-maxpath/09.key" \
|
key_file=data_files/dir-maxpath/09.key" \
|
||||||
|
|
Loading…
Reference in a new issue