pike.git / lib / modules / SSL.pmod / Connection.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/Connection.pike:299:       // ok, so we have a certificate chain whose client certificate is    // issued by an authority known to us.       // next we must verify the chain to see if the chain is unbroken       mapping result =    Standards.X509.verify_certificate_chain(certs,    context->trusted_issuers_cache,    context->require_trust); -  if(result->verified) -  { +     // This data isn't actually used internally.    session->cert_data = result; -  +  +  if(result->verified)    return [array(Standards.X509.TBSCertificate)]result->certificates; -  } +        return 0;   }      // Decodes certificate data. Leaves session->peer_certificate_chain   // either 0 or with an array with 1 or more certificates. If   // certificates are received session->peer_public_key is updated with   // the public key object. If that is an ECC object, the curve is set   // in session->curve.   int(0..1) handle_certificates(Buffer packet)