Only return VERIFY_FAILED from a single point Everything else is a fatal error. Also improve documentation about that for the vrfy callback.

commit: c386317298520b84260ec6b6615aa86ba1625195 [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon Jun 26 10:11:49 2017 +0200
committer: Simon Butcher <simon.butcher@arm.com> Fri Jul 28 12:20:48 2017 +0100
tree: 15440edebcdb395672d4649f3c922a4a8805d511
parent: 489939f829ad09dae72731729ea36240f630e49f [diff] [blame]
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 906866d..60f59a9 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h

@@ -920,7 +920,7 @@
  *
  *                 If set, the verify callback is called for each
  *                 certificate in the chain. For implementation
- *                 information, please see \c x509parse_verify()
+ *                 information, please see \c mbedtls_x509_crt_verify()
  *
  * \param conf     SSL configuration
  * \param f_vrfy   verification function
commit	c386317298520b84260ec6b6615aa86ba1625195	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Mon Jun 26 10:11:49 2017 +0200
committer	Simon Butcher <simon.butcher@arm.com>	Fri Jul 28 12:20:48 2017 +0100
tree	15440edebcdb395672d4649f3c922a4a8805d511
parent	489939f829ad09dae72731729ea36240f630e49f [diff] [blame]