pike.git / lib / modules / SSL.pmod / Connection.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/Connection.pike:310:    return 0;    }    }       // Decode the chain, verify each certificate and verify that the    // chain is unbroken.    mapping result = ([]);    catch {    result = Standards.X509.verify_certificate_chain(certs,    context->trusted_issuers_cache, -  context->auth_level >= AUTHLEVEL_require); +  context->auth_level >= AUTHLEVEL_require, +  ([ "verifier_algorithms" +  : context->verifier_algorithms ]));    };    if( !result->verified ) return 0;       if (session->server_name && sizeof([array](result->certificates || ({})))) {    array(Standards.X509.TBSCertificate) certs =    [array(Standards.X509.TBSCertificate)](result->certificates);    Standards.X509.TBSCertificate cert = certs[-1];    array(string) globs = Standards.PKCS.Certificate.    decode_distinguished_name(cert->subject)->commonName - ({ 0 });    if (cert->ext_subjectAltName_dNSName) {