Remove ssl->verify_result. Having two copies of this is confusing. This field is inherently tied to the certificate chain, which lives on SSL_SESSION, so this should live there too. This also wasn't getting reset correctly on SSL_clear, but this is now resolved. Change-Id: I22b1734a93320bb0bf0dc31faa74d77a8e1de906 Reviewed-on: https://boringssl-review.googlesource.com/10283 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: 7aa31d68fc873ff3e8d1f85354b21b7b75d5bc36 [log] [tgz]
author: David Benjamin <davidben@google.com> Mon Aug 08 21:38:32 2016 -0400
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Fri Aug 19 18:29:43 2016 +0000
tree: 9be4d4b9c8a64982a055d212266b123267c45591
parent: 93d9743def881bdf106e6496d917aeeae686b094 [diff] [blame]
diff --git a/ssl/internal.h b/ssl/internal.h
index 4f13459..6e3a744 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h

@@ -1301,7 +1301,8 @@
 void ssl_cert_set_cert_cb(CERT *cert,
                           int (*cb)(SSL *ssl, void *arg), void *arg);
 
-int ssl_verify_cert_chain(SSL *ssl, STACK_OF(X509) *cert_chain);
+int ssl_verify_cert_chain(SSL *ssl, long *out_verify_result,
+                          STACK_OF(X509) * cert_chain);
 void ssl_update_cache(SSL *ssl, int mode);
 
 /* ssl_get_compatible_server_ciphers determines the key exchange and
commit	7aa31d68fc873ff3e8d1f85354b21b7b75d5bc36	[log] [tgz]
author	David Benjamin <davidben@google.com>	Mon Aug 08 21:38:32 2016 -0400
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Fri Aug 19 18:29:43 2016 +0000
tree	9be4d4b9c8a64982a055d212266b123267c45591
parent	93d9743def881bdf106e6496d917aeeae686b094 [diff] [blame]