eden-emu/mbedtls
19
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Clarify documentation about missing CRLs

Browse source 
Also tune up some working while at it.
This commit is contained in:
Manuel Pégourié-Gonnard 2016-02-22 11:36:55 +01:00 committed by Simon Butcher
parent a6062607f1
commit e66dd1dcef
2 changed files with 13 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

9
library/x509_crt.c
View file

@ -1600,7 +1600,8 @@ int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509
}
/*
* Check that the given certificate is valid according to the CRL.
* Check that the given certificate is not revoked according to the CRL.
* Skip validation is no CRL for the given CA is present.
*/
static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
mbedtls_x509_crl *crl_list,
@ -1613,12 +1614,6 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
if( ca == NULL )
return( flags );
/*
* TODO: What happens if no CRL is present?
* Suggestion: Revocation state should be unknown if no CRL is present.
* For backwards compatibility this is not yet implemented.
*/
while( crl_list != NULL )
{
if( crl_list->version == 0 ||