From 78df7fcc8c7214415978500dfbc2b4f9476686cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 5 Mar 2018 13:22:59 +0100 Subject: [PATCH] Fix some comment typos --- include/mbedtls/x509_crt.h | 2 +- library/x509_crt.c | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index b7fd9e06e9..f82f91fce3 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -282,7 +282,7 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, * used to sign the certificate, CRL verification is skipped * silently, that is *without* setting any flag. * - * \note The \c trust_ca list can contain two type of certificates: + * \note The \c trust_ca list can contain two types of certificates: * (1) those of trusted root CAs, so that certificates * chaining up to those CAs will be trusted, and (2) * self-signed end-entity certificates to be trusted (for diff --git a/library/x509_crt.c b/library/x509_crt.c index fcc9579bbf..18bc87c92b 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1614,7 +1614,8 @@ int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509 } /* - * Check that the given certificate is valid according to the CRL. + * Check that the given certificate is not revoked according to the CRL. + * Skip validation if no CRL for the given CA is present. */ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, mbedtls_x509_crl *crl_list,