- Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error

commit: 6c0ceb3f9aacdabeb475acdeae741685bb9d46bb [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Sun Dec 04 12:24:18 2011 +0000
committer: Paul Bakker <p.j.bakker@polarssl.org> Sun Dec 04 12:24:18 2011 +0000
tree: 3225512c927b0e73ac28b4abca7e8c064e5a7be6
parent: a17bcc3033e5193213b05a9c713829689c9f7692 [diff] [blame]
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 3825106..fea43ee 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c

@@ -224,12 +224,12 @@
 
 #if defined(POLARSSL_FS_IO)
     if( strlen( opt.ca_file ) )
-        ret = x509parse_crtfile( &cacert, opt.ca_file );
+        ret = x509parse_crtfile( &cacert, opt.ca_file, X509_NON_PERMISSIVE );
     else 
 #endif
 #if defined(POLARSSL_CERTS_C)
         ret = x509parse_crt( &cacert, (unsigned char *) test_ca_crt,
-                strlen( test_ca_crt ) );
+                strlen( test_ca_crt ), X509_NON_PERMISSIVE );
 #else
     {
         ret = 1;
@@ -254,12 +254,12 @@
 
 #if defined(POLARSSL_FS_IO)
     if( strlen( opt.crt_file ) )
-        ret = x509parse_crtfile( &clicert, opt.crt_file );
+        ret = x509parse_crtfile( &clicert, opt.crt_file, X509_NON_PERMISSIVE );
     else 
 #endif
 #if defined(POLARSSL_CERTS_C)
         ret = x509parse_crt( &clicert, (unsigned char *) test_cli_crt,
-                strlen( test_cli_crt ) );
+                strlen( test_cli_crt ), X509_NON_PERMISSIVE );
 #else
     {
         ret = 1;
commit	6c0ceb3f9aacdabeb475acdeae741685bb9d46bb	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Sun Dec 04 12:24:18 2011 +0000
committer	Paul Bakker <p.j.bakker@polarssl.org>	Sun Dec 04 12:24:18 2011 +0000
tree	3225512c927b0e73ac28b4abca7e8c064e5a7be6
parent	a17bcc3033e5193213b05a9c713829689c9f7692 [diff] [blame]