GnuTLS: allow x509 version 1 certificates for CAs (and only CAs)

(cherry picked from commit d6a7a4d7) Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>

GnuTLS: allow x509 version 1 certificates for CAs (and only CAs)
(cherry picked from commit d6a7a4d7) Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>
93ebac27 · Rémi Denis-Courmont · Jean-Baptiste Kempf · 95e32e3e · 93ebac27
Commit 93ebac27 authored Jan 27, 2012 by Rémi Denis-Courmont Committed by Jean-Baptiste Kempf Jan 27, 2012
Show whitespace changes
Inline Side-by-side

Showing with 3 additions and 0 deletions

modules/misc/gnutls.c modules/misc/gnutls.c +3 -0

No files found.
--- a/modules/misc/gnutls.c
+++ b/modules/misc/gnutls.c
@@ -580,6 +580,9 @@ static int OpenClient (vlc_tls_t *session, int fd, const char *hostname)
 #else /* WIN32 */
    gnutls_loadOSCAList (VLC_OBJECT(session), sys->x509_cred);
 #endif
+    gnutls_certificate_set_verify_flags (sys->x509_cred,
+                                         GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
+
    session->handshake = gnutls_HandshakeAndValidate;
    /*session->_handshake = gnutls_ContinueHandshake;*/