pike.git / lib / modules / Standards.pmod / X509.pmod

version» Context lines:

pike.git/lib/modules/Standards.pmod/X509.pmod:1719:       if(idx == 0) // The root cert    {    verifiers = authorities[tbs->issuer->get_der()];       // if we don't know the issuer of the root certificate, and we    // require trust, we're done.    if(!verifiers && require_trust)    ERROR(CERT_ROOT_UNTRUSTED);    -  if( !arrayp(verifiers) ) -  verifiers = ({ verifiers }); -  +     // Is the root self signed?    if (tbs->issuer->get_der() == tbs->subject->get_der())    {    DBG("Self signed certificate\n");    m->self_signed = 1;       // always trust our own authority first, even if it is self signed.    if(!verifiers)    verifiers = ({ tbs->public_key }); -  } else if (objectp(verifiers)) { +  } +  +  if (objectp(verifiers))    verifiers = ({ verifiers });    } -  } +        else // otherwise, we make sure the chain is unbroken.    {    // Check not_before. We want the current time to be later.    if(my_time < tbs->not_before)    ERROR(CERT_TOO_NEW);       // Check not_after. We want the current time to be earlier.    if(my_time > tbs->not_after)    ERROR(CERT_TOO_OLD);