Fix bug in ssl_get_verify_result()

This commit is contained in:
Manuel Pégourié-Gonnard 2015-01-23 14:30:57 +00:00 committed by Paul Bakker
parent cc334eff3e
commit e89163c0a8
3 changed files with 14 additions and 6 deletions

View file

@ -50,6 +50,8 @@ Bugfix
* Fix unchecked return code in x509_crt_parse_path() on Windows (found by
Peter Vaskovic).
* Fix assembly selection for MIPS64 (thanks to James Cowgill).
* ssl_get_verify_result() now works even if the handshake was aborted due
to a failed verification (found by Fredrik Axelsson).
Changes
* Use deterministic nonces for AEAD ciphers in TLS by default (possible to

View file

@ -1710,11 +1710,11 @@ size_t ssl_get_bytes_avail( const ssl_context *ssl );
*
* \param ssl SSL context
*
* \return 0 if successful, or a combination of:
* BADCERT_EXPIRED
* BADCERT_REVOKED
* BADCERT_CN_MISMATCH
* BADCERT_NOT_TRUSTED
* \return 0 if successful,
* -1 if result is not available (eg because the handshake was
* aborted too early), or
* a combination of BADCERT_xxx and BADCRL_xxx flags, see
* x509.h
*/
int ssl_get_verify_result( const ssl_context *ssl );

View file

@ -4336,7 +4336,13 @@ size_t ssl_get_bytes_avail( const ssl_context *ssl )
int ssl_get_verify_result( const ssl_context *ssl )
{
if( ssl->session != NULL )
return( ssl->session->verify_result );
if( ssl->session_negotiate != NULL )
return( ssl->session_negotiate->verify_result );
return( -1 );
}
const char *ssl_get_ciphersuite( const ssl_context *ssl )