From: Nikos Mavrogiannopoulos Date: Sat, 22 Sep 2012 12:09:49 +0000 (+0200) Subject: doc updates X-Git-Tag: gnutls_3_1_2~16 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=78084940d8bcb03216e92096fcde4738101e8417;p=thirdparty%2Fgnutls.git doc updates --- diff --git a/NEWS b/NEWS index 71466897af..e929d78bd1 100644 --- a/NEWS +++ b/NEWS @@ -31,7 +31,7 @@ key usage violation errors (they are far too common to ignore). ** libgnutls: Added GNUTLS_STATELESS_COMPRESSION flag to gnutls_init(), which provides a tool to counter compression-related attacks where -parts of the data are controlled by the attacker _and_ placed in +parts of the data are controlled by the attacker _and_ are placed in separate records (use with care - do not use compression if not sure). ** libgnutls: Depends on libtasn1 2.14 or later. diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c index 36bf149ebe..369e79e71e 100644 --- a/lib/x509/verify-high.c +++ b/lib/x509/verify-high.c @@ -406,8 +406,10 @@ static int shorten_clist(gnutls_x509_trust_list_t list, /* Takes a certificate list and orders it with subject, issuer order. * - * Returns the size of the ordered list (which is always less or + * *clist_size contains the size of the ordered list (which is always less or * equal to the original). + * + * Returns the sorted list which may be the original clist. */ static gnutls_x509_crt_t* sort_clist(gnutls_x509_crt_t sorted[DEFAULT_MAX_VERIFY_DEPTH], gnutls_x509_crt_t * clist,