[PATCH] gtls: stop using deprecated GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT option

Alessandro Ghedini Sun, 08 Mar 2015 12:43:54 -0700

On newer GnuTLS versions it's defined to 0, so it's basically a no-op.

Cheers

From a10bbef8c65fe7b85ca82e738a72b174f65241b1 Mon Sep 17 00:00:00 2001
From: Alessandro Ghedini <[email protected]>
Date: Sun, 8 Mar 2015 20:29:21 +0100
Subject: [PATCH] gtls: stop using deprecated
 GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT option


On newer GnuTLS versions it's defined to 0, so it's basically a no-op.
---
 lib/vtls/gtls.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index c792540..a4c3e8f 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -449,9 +449,6 @@ gtls_connect_step1(struct connectdata *conn,
 
   if(data->set.ssl.CAfile) {
     /* set the trusted CA cert bundle file */
-    gnutls_certificate_set_verify_flags(conn->ssl[sockindex].cred,
-                                        GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
-
     rc = gnutls_certificate_set_x509_trust_file(conn->ssl[sockindex].cred,
                                                 data->set.ssl.CAfile,
                                                 GNUTLS_X509_FMT_PEM);
-- 
2.1.4

signature.asc
Description: Digital signature

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html

[PATCH] gtls: stop using deprecated GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT option

Reply via email to