- Revamped x509_verify() and the SSL f_vrfy callback implementations

tests/suites/test_suite_x509parse.data

@@ -228,11 +228,11 @@ x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/cr
 
 X509 Certificate verification #19 (Valid Cert, denying callback)
 depends_on:POLARSSL_SHA4_C:POLARSSL_PEM_C:POLARSSL_FS_IO
-x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":NULL:POLARSSL_ERR_X509_CERT_VERIFY_FAILED:0:&verify_none
+x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":NULL:POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_OTHER:verify_none
 
 X509 Certificate verification #20 (Not trusted Cert, allowing callback)
 depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO
-x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":NULL:0:0:&verify_all
+x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":NULL:0:0:verify_all
 
 X509 Certificate verification #21 (domain matching wildcard certificate)
 depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO

tests/suites/test_suite_x509parse.function

@@ -2,22 +2,22 @@ BEGIN_HEADER
 #include <polarssl/x509.h>
 #include <polarssl/pem.h>
 
-int verify_none( void *data, x509_cert *crt, int certificate_depth, int preverify_ok )
+int verify_none( void *data, x509_cert *crt, int certificate_depth, int *flags )
 {
     ((void) data);
     ((void) crt);
     ((void) certificate_depth);
-    ((void) preverify_ok);
-
-    return 1;
+    *flags |= BADCERT_OTHER;
+    
+    return 0;
 }
 
-int verify_all( void *data, x509_cert *crt, int certificate_depth, int preverify_ok )
+int verify_all( void *data, x509_cert *crt, int certificate_depth, int *flags )
 {
     ((void) data);
     ((void) crt);
     ((void) certificate_depth);
-    ((void) preverify_ok);
+    *flags = 0;
 
     return 0;
 }