[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_2_11_6-77-g001a6c4
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_2_11_6-77-g001a6c4 |
Date: |
Wed, 02 Feb 2011 08:18:51 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=001a6c4027d032e0ca2b75f2c2624304b0ab2b02
The branch, master has been updated
via 001a6c4027d032e0ca2b75f2c2624304b0ab2b02 (commit)
via 4cf696a1a11bc77c170853e66781c9e8393af90d (commit)
via 53841d7f26e92db42c0ab966514b269e401fa629 (commit)
via 1c235a2c325b0c97ab485420028e43d8c7628151 (commit)
from 92ddeee9a9352ec4ca01768b6972446312253498 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 001a6c4027d032e0ca2b75f2c2624304b0ab2b02
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Feb 2 09:17:08 2011 +0100
Set memory to zero on allocation.
commit 4cf696a1a11bc77c170853e66781c9e8393af90d
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Feb 2 09:09:09 2011 +0100
fix in contents.
commit 53841d7f26e92db42c0ab966514b269e401fa629
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Feb 2 08:04:39 2011 +0100
prototype fix.
commit 1c235a2c325b0c97ab485420028e43d8c7628151
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Feb 2 08:03:56 2011 +0100
gnutls_x509_trust_list_init() has an extra argument that allows
fine-tuning of the used memory.
-----------------------------------------------------------------------
Summary of changes:
doc/cha-gtls-app.texi | 1 +
doc/examples/ex-verify.c | 2 +-
doc/examples/examples.h | 3 +--
lib/gnutls_cert.c | 2 +-
lib/includes/gnutls/x509.h | 2 +-
lib/x509/verify-high.c | 29 +++++++++++++++++++++--------
src/certtool.c | 2 +-
7 files changed, 27 insertions(+), 14 deletions(-)
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi
index 2f0707d..16a5da1 100644
--- a/doc/cha-gtls-app.texi
+++ b/doc/cha-gtls-app.texi
@@ -178,6 +178,7 @@ implemented by another example.
* Obtaining session information::
* Verifying peer's certificate::
* Using a callback to select the certificate to use::
+* Verifying a certificate::
* Client using a PKCS #11 token with TLS::
* Client with Resume capability example::
* Simple client example with SRP authentication::
diff --git a/doc/examples/ex-verify.c b/doc/examples/ex-verify.c
index 433210c..1cc4f3c 100644
--- a/doc/examples/ex-verify.c
+++ b/doc/examples/ex-verify.c
@@ -43,7 +43,7 @@ verify_certificate_chain (const char *hostname,
* once on initialization. gnutls_x509_crt_list_import2() and
* gnutls_x509_crl_list_import2() can be used to load them.
*/
- gnutls_x509_trust_list_init(&tlist);
+ gnutls_x509_trust_list_init(&tlist, 0);
gnutls_x509_trust_list_add_cas(tlist, ca_list, ca_list_size, 0);
gnutls_x509_trust_list_add_crls(tlist, crl_list, crl_list_size,
diff --git a/doc/examples/examples.h b/doc/examples/examples.h
index bca087a..286f4ff 100644
--- a/doc/examples/examples.h
+++ b/doc/examples/examples.h
@@ -14,8 +14,7 @@ int print_info (gnutls_session_t session);
void print_x509_certificate_info (gnutls_session_t session);
void
-verify_certificate_chain (gnutls_session_t session,
- const char *hostname,
+verify_certificate_chain (const char *hostname,
const gnutls_datum_t * cert_chain,
int cert_chain_length);
diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c
index 27ba009..00a5ea6 100644
--- a/lib/gnutls_cert.c
+++ b/lib/gnutls_cert.c
@@ -270,7 +270,7 @@ int ret;
if (*res == NULL)
return GNUTLS_E_MEMORY_ERROR;
- ret = gnutls_x509_trust_list_init( &(*res)->tlist);
+ ret = gnutls_x509_trust_list_init( &(*res)->tlist, 0);
if (ret < 0)
{
gnutls_assert();
diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h
index 7cbc810..4d88382 100644
--- a/lib/includes/gnutls/x509.h
+++ b/lib/includes/gnutls/x509.h
@@ -831,7 +831,7 @@ extern "C"
typedef struct gnutls_x509_trust_list_st *gnutls_x509_trust_list_t;
int
- gnutls_x509_trust_list_init (gnutls_x509_trust_list_t * list);
+ gnutls_x509_trust_list_init (gnutls_x509_trust_list_t * list, unsigned int
size);
void
gnutls_x509_trust_list_deinit (gnutls_x509_trust_list_t list, unsigned int
all);
diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c
index 6260400..98d3a95 100644
--- a/lib/x509/verify-high.c
+++ b/lib/x509/verify-high.c
@@ -36,7 +36,7 @@
#include "x509_int.h"
#include <common.h>
-#define LIST_SIZE 457
+#define DEFAULT_SIZE 503
#define INIT_HASH 0x33a1
struct node_st {
/* The trusted certificates */
@@ -49,12 +49,14 @@ struct node_st {
};
struct gnutls_x509_trust_list_st {
- struct node_st node[LIST_SIZE];
+ int size;
+ struct node_st *node;
};
/**
* gnutls_x509_trust_list_init:
* @list: The structure to be initialized
+ * @size: The size of the internal hash table. Use zero for default size.
*
* This function will initialize an X.509 trust list structure.
*
@@ -62,13 +64,24 @@ struct gnutls_x509_trust_list_st {
* negative error value.
**/
int
-gnutls_x509_trust_list_init (gnutls_x509_trust_list_t * list)
+gnutls_x509_trust_list_init (gnutls_x509_trust_list_t * list, unsigned int
size)
{
gnutls_x509_trust_list_t tmp = gnutls_calloc (1, sizeof (struct
gnutls_x509_trust_list_st));
if (!tmp)
return GNUTLS_E_MEMORY_ERROR;
+ if (size == 0) size = DEFAULT_SIZE;
+ tmp->size = size;
+
+ tmp->node = gnutls_calloc(1, tmp->size * sizeof(tmp->node[0]));
+ if (tmp->node == NULL)
+ {
+ gnutls_assert();
+ gnutls_free(tmp);
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
*list = tmp;
return 0; /* success */
@@ -91,7 +104,7 @@ int i, j;
if (all)
{
- for (i=0;i<LIST_SIZE;i++)
+ for (i=0;i<list->size;i++)
{
for (j=0;j<list->node[i].crt_size;j++)
{
@@ -139,7 +152,7 @@ uint32_t hash;
}
hash = _gnutls_bhash(dn.data, dn.size, INIT_HASH);
- hash %= LIST_SIZE;
+ hash %= list->size;
list->node[hash].crts = gnutls_realloc_fast( list->node[hash].crts,
(list->node[hash].crt_size+1)*sizeof(list->node[hash].crts[0]));
if (list->node[hash].crts == NULL)
@@ -203,7 +216,7 @@ uint32_t hash;
}
hash = _gnutls_bhash(dn.data, dn.size, INIT_HASH);
- hash %= LIST_SIZE;
+ hash %= list->size;
_gnutls_free_datum(&dn);
@@ -273,7 +286,7 @@ uint32_t hash;
}
hash = _gnutls_bhash(dn.data, dn.size, INIT_HASH);
- hash %= LIST_SIZE;
+ hash %= list->size;
_gnutls_free_datum(&dn);
@@ -306,7 +319,7 @@ uint32_t hash;
}
hash = _gnutls_bhash(dn.data, dn.size, INIT_HASH);
- hash %= LIST_SIZE;
+ hash %= list->size;
_gnutls_free_datum(&dn);
diff --git a/src/certtool.c b/src/certtool.c
index 0dd60e5..842b3ef 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -2030,7 +2030,7 @@ _verify_x509_mem (const void *cert, int cert_size)
fprintf(stdout, "Loaded %d certificates and %d CRLs\n\n", x509_ncerts,
x509_ncrls);
- ret = gnutls_x509_trust_list_init(&list);
+ ret = gnutls_x509_trust_list_init(&list, 0);
if (ret < 0)
error (EXIT_FAILURE, 0, "gnutls_x509_trust_list_init: %s",
gnutls_strerror (ret));
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_2_11_6-77-g001a6c4,
Nikos Mavrogiannopoulos <=