GTlsCertificateFlags gtls_flags;
X509 *x;
STACK_OF(X509) *untrusted;
- gint i;
cert_openssl = G_TLS_CERTIFICATE_OPENSSL (cert);
priv = g_tls_certificate_openssl_get_instance_private (cert_openssl);
X509_STORE_free (store);
}
- /* We have to check these ourselves since openssl
- * does not give us flags and UNKNOWN_CA will take priority.
- */
- for (i = 0; i < sk_X509_num (untrusted); i++)
- {
- X509 *c = sk_X509_value (untrusted, i);
- ASN1_TIME *not_before = X509_get_notBefore (c);
- ASN1_TIME *not_after = X509_get_notAfter (c);
-
- if (X509_cmp_current_time (not_before) > 0)
- gtls_flags |= G_TLS_CERTIFICATE_NOT_ACTIVATED;
-
- if (X509_cmp_current_time (not_after) < 0)
- gtls_flags |= G_TLS_CERTIFICATE_EXPIRED;
- }
-
sk_X509_free (untrusted);
if (identity)
/* FIXME: check sRVName and uniformResourceIdentifier
* subjectAltNames, if appropriate for @identity.
*/
-
+ TIZEN_LOGE("SSL HandShake - Bad Identity");
return G_TLS_CERTIFICATE_BAD_IDENTITY;
}
break;
case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+#ifdef TIZEN_EXT
+ case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
+#endif
gtls_flags = G_TLS_CERTIFICATE_UNKNOWN_CA;
break;
default:
projects / platform / upstream / glib-networking.git / blobdiff