From 525d9a3cec58d0526c71a7080b07ad4c6fed7ec9 Mon Sep 17 00:00:00 2001
From: Ted Zlatanov <tzz@lifelogs.com>
Date: Mon, 17 Mar 2014 17:29:56 -0400
Subject: [PATCH] gnutls.c (Fgnutls_boot): Fix case of :verify-error = t.

---
 src/ChangeLog |  4 ++++
 src/gnutls.c  | 17 +++++++++++++----
 2 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/src/ChangeLog b/src/ChangeLog
index 54c07f960f1..1330e5ed132 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,7 @@
+2014-03-17  Teodor Zlatanov  <tzz@lifelogs.com>
+
+	* gnutls.c (Fgnutls_boot): Fix case of :verify-error = t.
+
 2014-03-16  Eli Zaretskii  <eliz@gnu.org>
 
 	* search.c (find_newline): Speed up the function when using the
diff --git a/src/gnutls.c b/src/gnutls.c
index dd975b160cd..03c29d03014 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -786,6 +786,7 @@ one trustfile (usually a CA bundle).  */)
 {
   int ret = GNUTLS_E_SUCCESS;
   int max_log_level = 0;
+  bool verify_error_all = 0;
 
   gnutls_session_t state;
   gnutls_certificate_credentials_t x509_cred = NULL;
@@ -825,8 +826,14 @@ one trustfile (usually a CA bundle).  */)
   verify_error          = Fplist_get (proplist, QCgnutls_bootprop_verify_error);
   prime_bits            = Fplist_get (proplist, QCgnutls_bootprop_min_prime_bits);
 
-  if (NILP (Flistp (verify_error)))
-    error ("gnutls-boot: invalid :verify_error parameter (not a list)");
+  if (EQ (verify_error, Qt))
+    {
+      verify_error_all = 1;
+    }
+  else if (NILP (Flistp (verify_error)))
+    {
+      error ("gnutls-boot: invalid :verify_error parameter (not a list)");
+    }
 
   if (!STRINGP (hostname))
     error ("gnutls-boot: invalid :hostname parameter (not a string)");
@@ -1071,7 +1078,8 @@ one trustfile (usually a CA bundle).  */)
 
   if (peer_verification != 0)
     {
-      if (!NILP (Fmember (QCgnutls_bootprop_trustfiles, verify_error)))
+      if (verify_error_all
+          || !NILP (Fmember (QCgnutls_bootprop_trustfiles, verify_error)))
         {
 	  emacs_gnutls_deinit (proc);
 	  error ("Certificate validation failed %s, verification code %d",
@@ -1120,7 +1128,8 @@ one trustfile (usually a CA bundle).  */)
 
       if (!fn_gnutls_x509_crt_check_hostname (gnutls_verify_cert, c_hostname))
 	{
-          if (!NILP (Fmember (QCgnutls_bootprop_hostname, verify_error)))
+          if (verify_error_all
+              || !NILP (Fmember (QCgnutls_bootprop_hostname, verify_error)))
             {
 	      fn_gnutls_x509_crt_deinit (gnutls_verify_cert);
 	      emacs_gnutls_deinit (proc);
-- 
2.39.2