CVSROOT: /cvs
Module name: src
Changes by: bc...@cvs.openbsd.org 2014/12/07 08:00:32
Modified files:
lib/libtls : tls.c tls_client.c tls_internal.h tls_verify.c
Log message:
Allow specific libtls hostname validation errors to propagate.
Remove direct calls to printf from the tls_check_hostname() path. This allows
NUL byte error messages to bubble up to the caller, to be logged in a
program-appropriate way. It also removes non-portable calls to getprogname().
The semantics of tls_error() are changed slightly: the last error message is
not necessarily preserved between subsequent calls into the library.
When the previous call to libtls succeeds, client programs should treat the
return value of tls_error() as undefined.
ok tedu@
