[vlc-commits] GnuTLS: allow x509 version 1 certificates for CAs (and only CAs)

Fri Jan 27 17:05:02 CET 2012

vlc | branch: master | Rémi Denis-Courmont <remi at remlab.net> | Fri Jan 27 18:04:17 2012 +0200| [d6a7a4d7e979563efd6322bf582a4aeea61b4d56] | committer: Rémi Denis-Courmont

GnuTLS: allow x509 version 1 certificates for CAs (and only CAs)

> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=d6a7a4d7e979563efd6322bf582a4aeea61b4d56
---

 modules/misc/gnutls.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/modules/misc/gnutls.c b/modules/misc/gnutls.c
index cc8a56d..fdfd37b 100644
--- a/modules/misc/gnutls.c
+++ b/modules/misc/gnutls.c
@@ -580,6 +580,9 @@ static int OpenClient (vlc_tls_t *session, int fd, const char *hostname)
 #else /* WIN32 */
     gnutls_loadOSCAList (VLC_OBJECT(session), sys->x509_cred);
 #endif
+    gnutls_certificate_set_verify_flags (sys->x509_cred,
+                                         GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
+
     session->handshake = gnutls_HandshakeAndValidate;
     /*session->_handshake = gnutls_ContinueHandshake;*/
 

