Google Git
Sign in
boringssl/boringssl.git/58a318edc892a595a5b043359a5d441869158699^!/./pki/cert_errors.h
commit
58a318edc892a595a5b043359a5d441869158699
[log]
author
Bob Beck <bbe@google.com>
Tue Feb 13 22:54:29 2024 +0000
committer
Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>
Wed Feb 14 00:07:23 2024 +0000
tree
e572178478cbc602ef10cb09a74d8edd650bb7f4
parent
80b08dfe5ef7d9190fa28d8204f2f7e8612134ee [diff] [blame]
Make ContainsError look only for Errors, not Warnings.

Currently the way this is used by code checking for errors
is to always assume that what it is looking for has actually
been added as an error. If one of them were added as
a warning, it would in theory do the wrong thing.

We can either delete the warnings, or just change ContainsError
to only consider errors to behave like the code is used today.

Change-Id: Id916281203122fffd1ffc323dc979ff4f8b6425b
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66187
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
Reviewed-by: Matt Mueller <mattm@google.com>

diff --git a/pki/cert_errors.h b/pki/cert_errors.h
index 8f16e11..da35060 100644
--- a/pki/cert_errors.h
+++ b/pki/cert_errors.h

@@ -104,8 +104,13 @@
   // Dumps a textual representation of the errors for debugging purposes.
   std::string ToDebugString() const;
 
-  // Returns true if the error |id| was added to this CertErrors (of any
-  // severity).
+  // Returns true if the error |id| was added to this CertErrors at
+  // severity |severity|
+  bool ContainsErrorWithSeverity(CertErrorId id,
+                                 CertError::Severity severity) const;
+
+  // Returns true if the error |id| was added to this CertErrors at
+  // high serverity.
   bool ContainsError(CertErrorId id) const;
 
   // Returns true if this contains any errors of the given severity level.