|
 |
05f42e |
From: Roberto Campesato <render@metalabs.org>
|
|
|
05f42e |
diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c
|
|
|
05f42e |
--- a/crypto/tlscredsx509.c
|
|
|
05f42e |
+++ b/crypto/tlscredsx509.c
|
|
|
056fbc |
@@ -502,14 +502,6 @@ qcrypto_tls_creds_x509_sanity_check(QCryptoTLSCredsX509 *creds,
|
|
|
05f42e |
goto cleanup;
|
|
|
05f42e |
}
|
|
|
05f42e |
|
|
|
05f42e |
- for (i = 0; i < ncacerts; i++) {
|
|
|
05f42e |
- if (qcrypto_tls_creds_check_cert(creds,
|
|
|
05f42e |
- cacerts[i], cacertFile,
|
|
|
05f42e |
- isServer, true, errp) < 0) {
|
|
|
05f42e |
- goto cleanup;
|
|
|
05f42e |
- }
|
|
|
05f42e |
- }
|
|
|
05f42e |
-
|
|
|
05f42e |
if (cert && ncacerts &&
|
|
|
05f42e |
qcrypto_tls_creds_check_cert_pair(cert, certFile, cacerts,
|
|
|
05f42e |
ncacerts, cacertFile,
|
|
|
056fbc |
diff --git a/tests/unit/test-crypto-tlscredsx509.c b/tests/unit/test-crypto-tlscredsx509.c
|
|
|
056fbc |
--- a/tests/unit/test-crypto-tlscredsx509.c
|
|
|
056fbc |
+++ b/tests/unit/test-crypto-tlscredsx509.c
|
|
|
056fbc |
@@ -285,7 +285,7 @@ int main(int argc, char **argv)
|
|
|
056fbc |
TLS_TEST_REG(badca1, true, cacert4req.filename, servercert4req.filename,
|
|
|
056fbc |
true);
|
|
|
056fbc |
TLS_TEST_REG(badca2, true,
|
|
|
056fbc |
- cacert5req.filename, servercert5req.filename, true);
|
|
|
056fbc |
+ cacert5req.filename, servercert5req.filename, false);
|
|
|
056fbc |
TLS_TEST_REG(badca3, true,
|
|
|
056fbc |
cacert6req.filename, servercert6req.filename, true);
|
|
|
056fbc |
|