if self.getPort() != '*':
err.append('Port %s not a number' % self.getPort())
if not self.usage in [0,1,2,3]:
- err.append('Usage: invalid (%s is not one of 0, 1 or 2)' % self.usage)
+ err.append('Usage: invalid (%s is not one of 0, 1, 2 or 3)' % self.usage)
if not self.selector in [0,1]:
err.append('Selector: invalid (%s is not one of 0 or 1)' % self.selector)
if not self.mtype in [0,1,2]:
elif record.usage == 2: # Usage 2, use the cert in the record as trust anchor
#FIXME: doesnt comply to the spec
matched = False
+ previous_issuer = None
for cert in chain:
+ if previous_issuer:
+ if not str(previous_issuer) == str(cert.get_subject()): # The chain cannot be valid
+ print "FAIL: Certificates don't chain"
+ break
+ previous_issuer = cert.get_issuer()
if verifyCertMatch(record, cert):
matched = True
continue