pike.git / lib / modules / SSL.pmod / Connection.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/Connection.pike:312:    }       // Decode the chain, verify each certificate and verify that the    // chain is unbroken.    mapping result = ([]);    catch {    result = Standards.X509.verify_certificate_chain(certs,    context->trusted_issuers_cache,    context->auth_level >= AUTHLEVEL_require);    }; -  if( !result ) return 0; +  if( !result->verified ) return 0;       if (session->server_name && sizeof([array](result->certificates || ({})))) {    array(Standards.X509.TBSCertificate) certs =    [array(Standards.X509.TBSCertificate)](result->certificates);    Standards.X509.TBSCertificate cert = certs[-1];    array(string) globs = Standards.PKCS.Certificate.    decode_distinguished_name(cert->subject)->commonName - ({ 0 });    if (cert->ext_subjectAltName_dNSName) {    globs += cert->ext_subjectAltName_dNSName;    }