- Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.
- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
- Programs and tests were adapted accordingly
diff --git a/programs/test/ssl_cert_test.c b/programs/test/ssl_cert_test.c
index 2e4e6c5..57ea32c 100644
--- a/programs/test/ssl_cert_test.c
+++ b/programs/test/ssl_cert_test.c
@@ -100,7 +100,7 @@
* Alternatively, you may load the CA certificates from a .pem or
* .crt file by calling x509parse_crtfile( &cacert, "myca.crt" ).
*/
- ret = x509parse_crtfile( &cacert, "ssl/test-ca/test-ca.crt", X509_NON_PERMISSIVE );
+ ret = x509parse_crtfile( &cacert, "ssl/test-ca/test-ca.crt" );
if( ret != 0 )
{
printf( " failed\n ! x509parse_crtfile returned %d\n\n", ret );
@@ -148,7 +148,7 @@
printf( " . Loading the client certificate %s...", name );
fflush( stdout );
- ret = x509parse_crtfile( &clicert, name, X509_NON_PERMISSIVE );
+ ret = x509parse_crtfile( &clicert, name );
if( ret != 0 )
{
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
diff --git a/programs/test/ssl_test.c b/programs/test/ssl_test.c
index 3337540..59fab01 100644
--- a/programs/test/ssl_test.c
+++ b/programs/test/ssl_test.c
@@ -214,7 +214,7 @@
goto exit;
#else
ret = x509parse_crt( &srvcert, (unsigned char *) test_srv_crt,
- strlen( test_srv_crt ), X509_NON_PERMISSIVE );
+ strlen( test_srv_crt ) );
if( ret != 0 )
{
printf( " ! x509parse_crt returned %d\n\n", ret );
@@ -222,7 +222,7 @@
}
ret = x509parse_crt( &srvcert, (unsigned char *) test_ca_crt,
- strlen( test_ca_crt ), X509_NON_PERMISSIVE );
+ strlen( test_ca_crt ) );
if( ret != 0 )
{
printf( " ! x509parse_crt returned %d\n\n", ret );