From 25422e1f02afdc044597fb228f0a3388012d463f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Oct 2018 10:28:01 +0100 Subject: [PATCH 1/2] Improve documentation of mbedtls_ssl_get_verify_result() Fixes #517. --- include/mbedtls/ssl.h | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index d98e5ed9e..1fe8d8c86 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1998,13 +1998,14 @@ size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl ); /** * \brief Return the result of the certificate verification * - * \param ssl SSL context + * \param ssl The SSL context to use. * - * \return 0 if successful, - * -1 if result is not available (eg because the handshake was - * aborted too early), or - * a combination of BADCERT_xxx and BADCRL_xxx flags, see - * x509.h + * \return \c 0 if the certificate verification was successful. + * \return \c -1u if the result is not available. This may happen + * e.g. if the handshake aborts early, or a verification + * callback returned a fatal error. + * \return A bitwise combination of \c MBEDTLS_X509_BADCERT_XXX + * and \c MBEDTLS_X509_BADCRL_XXX failure flags; see x509.h. */ uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl ); From 8ac041637f68b2d9c81f1dd57661c09ff25a4725 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 30 Oct 2018 10:08:33 +0000 Subject: [PATCH 2/2] Adapt ChangeLog --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ChangeLog b/ChangeLog index 7ef0342bc..3a73544d2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -32,6 +32,8 @@ Changes in the same way as on the server side. * Change the dtls_client and dtls_server samples to work by default over IPv6 and optionally by a build option over IPv4. + * Improve documentation of mbedtls_ssl_get_verify_result(). + Fixes #517 reported by github-monoculture. = mbed TLS 2.1.15 branch released 2018-08-31