--- gnutls-2.8.4-buggy/lib/x509/verify.c	2009-09-27 20:55:53.000000000 +0200
+++ gnutls-2.8.4/lib/x509/verify.c	2009-09-27 20:42:00.000000000 +0200
@@ -474,7 +474,6 @@ _gnutls_x509_verify_certificate (const g
       gnutls_assert ();
       status |= output;
       status |= GNUTLS_CERT_INVALID;
-      return status;
     }
 
   /* Check for revoked certificates in the chain
@@ -488,7 +487,6 @@ _gnutls_x509_verify_certificate (const g
 	{			/* revoked */
 	  status |= GNUTLS_CERT_REVOKED;
 	  status |= GNUTLS_CERT_INVALID;
-	  return status;
 	}
     }
 #endif
@@ -506,7 +504,6 @@ _gnutls_x509_verify_certificate (const g
 	    {
 	      status |= GNUTLS_CERT_NOT_ACTIVATED;
 	      status |= GNUTLS_CERT_INVALID;
-	      return status;
 	    }
 
 	  t = gnutls_x509_crt_get_expiration_time (certificate_list[i]);
@@ -514,7 +511,6 @@ _gnutls_x509_verify_certificate (const g
 	    {
 	      status |= GNUTLS_CERT_EXPIRED;
 	      status |= GNUTLS_CERT_INVALID;
-	      return status;
 	    }
 	}
     }
@@ -535,13 +531,10 @@ _gnutls_x509_verify_certificate (const g
 	   _gnutls_verify_certificate2 (certificate_list[i - 1],
 					&certificate_list[i], 1, flags,
 					NULL)) == 0)
-	{
-	  status |= GNUTLS_CERT_INVALID;
-	  return status;
-	}
+        status |= GNUTLS_CERT_INVALID;
     }
 
-  return 0;
+  return status;
 }