Only return VERIFY_FAILED from a single point Everything else is a fatal error. Also improve documentation about that for the vrfy callback.

commit: d0e755716f88234e19f9a8289ea3ba22861c85e7 [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon Jul 10 11:31:01 2017 +0200
committer: Simon Butcher <simon.butcher@arm.com> Fri Jul 28 13:15:57 2017 +0100
tree: f147e6ce11c1b82bf6ce0c7bcb2450088c1c3bf0
parent: 8af7bfa982dbc855d159f2e990ea33c464f969bc [diff] [blame]
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h
index adaacff..de487ce 100644
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h

@@ -76,6 +76,7 @@
 #define POLARSSL_ERR_X509_BAD_INPUT_DATA                   -0x2800  /**< Input invalid. */
 #define POLARSSL_ERR_X509_MALLOC_FAILED                    -0x2880  /**< Allocation of memory failed. */
 #define POLARSSL_ERR_X509_FILE_IO_ERROR                    -0x2900  /**< Read/write of file failed. */
+#define POLARSSL_ERR_X509_FATAL_ERROR                      -0x3000  /**< A fatal error occured, eg the chain is too long or the vrfy callback failed. */
 /* \} name */
 
 /**
commit	d0e755716f88234e19f9a8289ea3ba22861c85e7	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Mon Jul 10 11:31:01 2017 +0200
committer	Simon Butcher <simon.butcher@arm.com>	Fri Jul 28 13:15:57 2017 +0100
tree	f147e6ce11c1b82bf6ce0c7bcb2450088c1c3bf0
parent	8af7bfa982dbc855d159f2e990ea33c464f969bc [diff] [blame]