Prevent misuses of gnutls_x509_trust_list_set_getissuer_function callback
The callback set by gnutls_x509_trust_list_set_getissuer_function
is currently expected to (1) inspect the downloaded certificates are trusted and (2) inject it to the trust list with gnutls_x509_trust_list_add_cas
. This process is error-prone and we should provide a better interface to prevent misuses.
The proposal is to change the callback type to return the downloaded certificates as an output parameter.