Clean up mbedtls_ssl_check_cert_usage() Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

commit: 94f70228e9b93cf84b8cb00e544d8a66dc108011 [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Fri Aug 09 11:26:25 2024 +0200
committer: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon Sep 02 12:46:03 2024 +0200
tree: 1bc10ef997231209e025a8c9dc263dcfc68a6a16
parent: 2ffa53aa28d58d406162f4323fe7aba15ac1d124 [diff] [blame]
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 120f8ca..e00dcfc 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h

@@ -1674,18 +1674,18 @@
 }
 
 /*
- * Check usage of a certificate wrt extensions:
- * keyUsage, extendedKeyUsage (later), and nSCertType (later).
+ * Check usage of a certificate wrt usage extensions:
+ * keyUsage and extendedKeyUsage.
+ * (Note: nSCertType is deprecated and not standard, we don't check it.)
  *
- * Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we
- * check a cert we received from them)!
+ * Note: recv_endpoint is the receiver's endpoint.
  *
  * Return 0 if everything is OK, -1 if not.
  */
 MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_check_cert_usage(const mbedtls_x509_crt *cert,
                                  const mbedtls_ssl_ciphersuite_t *ciphersuite,
-                                 int cert_endpoint,
+                                 int recv_endpoint,
                                  uint32_t *flags);
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
commit	94f70228e9b93cf84b8cb00e544d8a66dc108011	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Fri Aug 09 11:26:25 2024 +0200
committer	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Mon Sep 02 12:46:03 2024 +0200
tree	1bc10ef997231209e025a8c9dc263dcfc68a6a16
parent	2ffa53aa28d58d406162f4323fe7aba15ac1d124 [diff] [blame]