changeset 4626:44077e31f39c

MSG clarification You can trust an intermediate certificate in a chain, so let's be careful with words here. It would of course be better to tell the user which certificate was trusted in that case, but my understanding is that I would have to go through each certificate in the chain and try to match it against all of the trusted certificates, like mbed tls's verification code does in the first place. This would involve a lot of digging around in mbed tls's structures and using resources...
author corvid
date Mi, 06 Jul 2016 14:06:52 +0000
parents a36f70eb5b98
children 1d6e27a3f314
files src/IO/tls.c
diffstat 1 files changed, 1 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/src/IO/tls.c	Mi Jul 06 06:07:39 2016 +0000
+++ b/src/IO/tls.c	Mi Jul 06 14:06:52 2016 +0000
@@ -1110,7 +1110,7 @@
    int i, j;
    if (ca_len)
-      dStr_append(ds, "TLS: Trusted during this session:\n");
+      dStr_append(ds, "TLS: Certificate chain roots during this session:\n");
    for (i = 0; i < ca_len; i++) {
       CertAuth_t *ca = (CertAuth_t *)dList_nth_data(cert_authorities, i);