Commit 93ebac27 authored by Rémi Denis-Courmont's avatar Rémi Denis-Courmont Committed by Jean-Baptiste Kempf

GnuTLS: allow x509 version 1 certificates for CAs (and only CAs)

(cherry picked from commit d6a7a4d7)
Signed-off-by: default avatarJean-Baptiste Kempf <jb@videolan.org>
parent 95e32e3e
...@@ -580,6 +580,9 @@ static int OpenClient (vlc_tls_t *session, int fd, const char *hostname) ...@@ -580,6 +580,9 @@ static int OpenClient (vlc_tls_t *session, int fd, const char *hostname)
#else /* WIN32 */ #else /* WIN32 */
gnutls_loadOSCAList (VLC_OBJECT(session), sys->x509_cred); gnutls_loadOSCAList (VLC_OBJECT(session), sys->x509_cred);
#endif #endif
gnutls_certificate_set_verify_flags (sys->x509_cred,
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
session->handshake = gnutls_HandshakeAndValidate; session->handshake = gnutls_HandshakeAndValidate;
/*session->_handshake = gnutls_ContinueHandshake;*/ /*session->_handshake = gnutls_ContinueHandshake;*/
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment