[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_2_99_1-7-g44cd78f
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_2_99_1-7-g44cd78f |
|
Date: |
Tue, 03 May 2011 19:39:43 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=44cd78f93290902906aa6aa7416e03bc57dd5a47
The branch, master has been updated
via 44cd78f93290902906aa6aa7416e03bc57dd5a47 (commit)
from 8d70b4153ce937b2deef8163edc6e1784386c915 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 44cd78f93290902906aa6aa7416e03bc57dd5a47
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue May 3 14:07:08 2011 +0200
Added gnutls_certificate_get_issuer() to allow getting the issuer a
certificate from the certificate credentials structure.
-----------------------------------------------------------------------
Summary of changes:
.gitignore | 1 +
NEWS | 10 ++
lib/gnutls_cert.c | 21 ++++-
lib/includes/gnutls/gnutls.h.in | 36 +++++---
lib/includes/gnutls/x509.h | 3 +
lib/libgnutls.map | 2 +
lib/x509/verify-high.c | 44 +++++++++
tests/Makefile.am | 3 +-
tests/x509cert.c | 187 +++++++++++++++++++++++++++++++++++++++
9 files changed, 291 insertions(+), 16 deletions(-)
create mode 100644 tests/x509cert.c
diff --git a/.gitignore b/.gitignore
index be6c73b..d0fc83e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -452,3 +452,4 @@ lib/ext/libgnutls_ext.la
lib/auth/libgnutls_auth.la
tests/cipher-test
tests/suite/x509paths/X509tests
+tests/x509cert
diff --git a/NEWS b/NEWS
index 00ced7c..eea62ca 100644
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,16 @@ Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005,
2006, 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
See the end for copying conditions.
+* Version 2.99.2 (unreleased)
+
+** libgnutls: Added gnutls_certificate_get_issuer() and
+gnutls_x509_trust_list_get_issuer() to compensate for the
+missing gnutls_certificate_get_x509_cas().
+
+** API and ABI modifications:
+gnutls_certificate_get_issuer: ADDED
+gnutls_x509_trust_list_get_issuer: ADDED
+
* Version 2.99.1 (released 2011-04-23)
** libgnutls: LZO support was removed.
diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c
index 91ad7ca..2b8101c 100644
--- a/lib/gnutls_cert.c
+++ b/lib/gnutls_cert.c
@@ -1,6 +1,6 @@
/*
* Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009,
- * 2010 Free Software Foundation, Inc.
+ * 2010,2011 Free Software Foundation, Inc.
*
* Author: Nikos Mavrogiannopoulos
*
@@ -102,6 +102,25 @@ gnutls_certificate_free_cas
(gnutls_certificate_credentials_t sc)
}
/**
+ * gnutls_certificate_get_issuer:
+ * @sc: is a #gnutls_certificate_credentials_t structure.
+ * @cert: is the certificate to find issuer for
+ * @issuer: Will hold the issuer if any. Should be treated as constant.
+ * @flags: Use zero.
+ *
+ * This function will return the issuer of a given certificate.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
+ * negative error value.
+ **/
+int
+gnutls_certificate_get_issuer (gnutls_certificate_credentials_t sc,
+ gnutls_x509_crt_t cert, gnutls_x509_crt_t* issuer, unsigned int flags)
+{
+ return gnutls_trust_list_get_issuer(sc->tlist, cert, issuer, flags);
+}
+
+/**
* gnutls_certificate_free_ca_names:
* @sc: is a #gnutls_certificate_credentials_t structure.
*
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 0cdbffd..46ea4a8 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -944,6 +944,24 @@ extern "C"
gnutls_credentials_type_t type, void *cred);
#define gnutls_cred_set gnutls_credentials_set
+/* x.509 types */
+
+ struct gnutls_x509_privkey_int;
+ typedef struct gnutls_x509_privkey_int *gnutls_x509_privkey_t;
+
+ struct gnutls_x509_crl_int;
+ typedef struct gnutls_x509_crl_int *gnutls_x509_crl_t;
+
+ struct gnutls_x509_crt_int;
+ typedef struct gnutls_x509_crt_int *gnutls_x509_crt_t;
+
+ struct gnutls_x509_crq_int;
+ typedef struct gnutls_x509_crq_int *gnutls_x509_crq_t;
+
+ struct gnutls_openpgp_keyring_int;
+ typedef struct gnutls_openpgp_keyring_int *gnutls_openpgp_keyring_t;
+
+
/* Credential structures - used in gnutls_credentials_set(); */
struct gnutls_certificate_credentials_st;
@@ -988,6 +1006,10 @@ extern "C"
gnutls_certificate_allocate_credentials (gnutls_certificate_credentials_t
* res);
+ int
+ gnutls_certificate_get_issuer (gnutls_certificate_credentials_t sc,
+ gnutls_x509_crt_t cert, gnutls_x509_crt_t* issuer, unsigned int flags);
+
void gnutls_certificate_free_keys (gnutls_certificate_credentials_t sc);
void gnutls_certificate_free_cas (gnutls_certificate_credentials_t sc);
void gnutls_certificate_free_ca_names (gnutls_certificate_credentials_t sc);
@@ -1043,20 +1065,6 @@ extern "C"
/* New functions to allow setting already parsed X.509 stuff.
*/
- struct gnutls_x509_privkey_int;
- typedef struct gnutls_x509_privkey_int *gnutls_x509_privkey_t;
-
- struct gnutls_x509_crl_int;
- typedef struct gnutls_x509_crl_int *gnutls_x509_crl_t;
-
- struct gnutls_x509_crt_int;
- typedef struct gnutls_x509_crt_int *gnutls_x509_crt_t;
-
- struct gnutls_x509_crq_int;
- typedef struct gnutls_x509_crq_int *gnutls_x509_crq_t;
-
- struct gnutls_openpgp_keyring_int;
- typedef struct gnutls_openpgp_keyring_int *gnutls_openpgp_keyring_t;
int gnutls_certificate_set_x509_key (gnutls_certificate_credentials_t res,
gnutls_x509_crt_t * cert_list,
diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h
index a3afeeb..f220844 100644
--- a/lib/includes/gnutls/x509.h
+++ b/lib/includes/gnutls/x509.h
@@ -836,6 +836,9 @@ extern "C"
void
gnutls_x509_trust_list_deinit (gnutls_x509_trust_list_t list, unsigned int
all);
+ int gnutls_trust_list_get_issuer(gnutls_x509_trust_list_t list,
+ gnutls_x509_crt_t cert, gnutls_x509_crt_t* issuer, unsigned int flags);
+
int
gnutls_x509_trust_list_add_cas (gnutls_x509_trust_list_t list,
const gnutls_x509_crt_t * clist, int clist_size, unsigned int flags);
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 87d70cc..229792e 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -709,6 +709,8 @@ GNUTLS_3_0_0 {
gnutls_pcert_import_openpgp_raw;
gnutls_pubkey_get_openpgp_key_id;
gnutls_certificate_set_retrieve_function2;
+ gnutls_x509_trust_list_get_issuer;
+ gnutls_certificate_get_issuer;
} GNUTLS_2_12;
GNUTLS_PRIVATE {
diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c
index 8452009..f911229 100644
--- a/lib/x509/verify-high.c
+++ b/lib/x509/verify-high.c
@@ -314,6 +314,50 @@ gnutls_datum_t dn;
return clist_size;
}
+/**
+ * gnutls_x509_trust_list_get_issuer:
+ * @list: The structure of the list
+ * @cert: is the certificate to find issuer for
+ * @issuer: Will hold the issuer if any. Should be treated as constant.
+ * @flags: Use zero.
+ *
+ * This function will attempt to find the issuer of the
+ * given certificate.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
+ * negative error value.
+ **/
+int gnutls_trust_list_get_issuer(gnutls_x509_trust_list_t list,
+ gnutls_x509_crt_t cert, gnutls_x509_crt_t* issuer, unsigned int flags)
+{
+gnutls_datum_t dn;
+int ret, i;
+uint32_t hash;
+
+ ret = gnutls_x509_crt_get_raw_issuer_dn(cert, &dn);
+ if (ret < 0)
+ {
+ gnutls_assert();
+ return ret;
+ }
+
+ hash = _gnutls_bhash(dn.data, dn.size, INIT_HASH);
+ hash %= list->size;
+
+ _gnutls_free_datum(&dn);
+
+ for (i=0;i<list->node[hash].trusted_crt_size;i++)
+ {
+ ret = gnutls_x509_crt_check_issuer (cert,
list->node[hash].trusted_crts[i]);
+ if (ret == 1)
+ {
+ *issuer = list->node[hash].trusted_crts[i];
+ return 0;
+ }
+ }
+
+ return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+}
/**
* gnutls_x509_trust_list_verify_crt:
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 3c58d68..48b1e41 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -64,7 +64,8 @@ ctests = simple gc set_pkcs12_cred certder certuniqueid mpi
\
crq_key_id x509sign-verify cve-2009-1415 cve-2009-1416 \
crq_apis init_roundtrip pkcs12_s2k_pem dn2 mini-eagain \
nul-in-x509-names x509_altname pkcs12_encode mini-x509 \
- mini-x509-rehandshake rng-fork mini-eagain-dtls cipher-test #gendh
+ mini-x509-rehandshake rng-fork mini-eagain-dtls cipher-test \
+ x509cert #gendh
if ENABLE_OPENSSL
ctests += openssl
diff --git a/tests/x509cert.c b/tests/x509cert.c
new file mode 100644
index 0000000..ddc08d6
--- /dev/null
+++ b/tests/x509cert.c
@@ -0,0 +1,187 @@
+/*
+ * Copyright (C) 2011 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * GnuTLS is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuTLS is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GnuTLS; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* Parts copied from GnuTLS example programs. */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#if !defined(_WIN32)
+#include <netinet/in.h>
+#include <sys/socket.h>
+#include <sys/wait.h>
+#include <arpa/inet.h>
+#endif
+#include <unistd.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+#include "utils.h"
+
+/* Test for gnutls_certificate_get_issuer() and implicitly for
+ * gnutls_trust_list_get_issuer().
+ */
+
+static void
+tls_log_func (int level, const char *str)
+{
+ fprintf (stderr, "<%d>| %s", level, str);
+}
+
+static unsigned char ca_pem[] =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIB5zCCAVKgAwIBAgIERiYdJzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n"
+ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTExWhcNMDgwNDE3MTMyOTExWjAZMRcw\n"
+ "FQYDVQQDEw5HbnVUTFMgdGVzdCBDQTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA\n"
+ "vuyYeh1vfmslnuggeEKgZAVmQ5ltSdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T\n"
+ "7EPH/N6RvB4BprdssgcQLsthR3XKA84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRi\n"
+ "kfYSW2JazLrtCC4yRCas/SPOUxu78of+3HiTfFm/oXUCAwEAAaNDMEEwDwYDVR0T\n"
+ "AQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTpPBz7rZJu5gak\n"
+ "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\n"
+ "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\n"
+ "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\n"
+ "PfqUpIhz5Bbm7J4=\n" "-----END CERTIFICATE-----\n";
+const gnutls_datum_t ca = { ca_pem, sizeof (ca_pem) };
+
+static unsigned char cert_pem[] =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n"
+ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n"
+ "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n"
+ "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n"
+ "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n"
+ "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n"
+ "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n"
+ "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n"
+ "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n"
+ "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n"
+ "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n"
+ "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n";
+const gnutls_datum_t cert = { cert_pem, sizeof (cert_pem) };
+
+static unsigned char key_pem[] =
+ "-----BEGIN RSA PRIVATE KEY-----\n"
+ "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n"
+ "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n"
+ "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n"
+ "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n"
+ "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n"
+ "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n"
+ "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n"
+ "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n"
+ "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n"
+ "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n"
+ "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n"
+ "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n"
+ "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n"
+ "-----END RSA PRIVATE KEY-----\n";
+const gnutls_datum_t key = { key_pem, sizeof (key_pem) };
+
+static unsigned char server_cert_pem[] =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n"
+ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n"
+ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n"
+ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n"
+ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n"
+ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n"
+ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n"
+ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n"
+ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n"
+ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n"
+ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n"
+ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n"
+ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n";
+
+const gnutls_datum_t server_cert = { server_cert_pem,
+ sizeof (server_cert_pem)
+};
+
+static unsigned char server_key_pem[] =
+ "-----BEGIN RSA PRIVATE KEY-----\n"
+ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n"
+ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n"
+ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n"
+ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n"
+ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n"
+ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n"
+ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n"
+ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n"
+ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n"
+ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n"
+ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n"
+ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n"
+ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n"
+ "-----END RSA PRIVATE KEY-----\n";
+
+const gnutls_datum_t server_key = { server_key_pem,
+ sizeof (server_key_pem)
+};
+
+
+void
+doit (void)
+{
+ gnutls_certificate_credentials_t x509_cred;
+ int ret;
+ gnutls_x509_crt_t crt, issuer;
+ char dn[128];
+ size_t dn_size;
+
+ /* this must be called once in the program
+ */
+ gnutls_global_init ();
+
+ gnutls_global_set_log_function (tls_log_func);
+ if (debug)
+ gnutls_global_set_log_level (6);
+
+ gnutls_certificate_allocate_credentials (&x509_cred);
+ gnutls_certificate_set_x509_trust_mem (x509_cred, &ca, GNUTLS_X509_FMT_PEM);
+
+ gnutls_certificate_set_x509_key_mem (x509_cred, &server_cert, &server_key,
+ GNUTLS_X509_FMT_PEM);
+
+ /* test for gnutls_certificate_get_issuer() */
+ gnutls_x509_crt_init(&crt);
+ ret = gnutls_x509_crt_import(crt, &cert, GNUTLS_X509_FMT_PEM);
+ if (ret < 0)
+ fail("gnutls_x509_crt_import");
+
+ ret = gnutls_certificate_get_issuer(x509_cred, crt, &issuer, 0);
+ if (ret < 0)
+ fail("gnutls_certificate_get_isser");
+
+ dn_size = sizeof(dn);
+ ret = gnutls_x509_crt_get_dn(issuer, dn, &dn_size);
+ if (ret < 0)
+ fail("gnutls_certificate_get_isser");
+
+ fprintf(stderr, "Issuer's DN: %s\n", dn);
+
+ success("success");
+}
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_2_99_1-7-g44cd78f,
Nikos Mavrogiannopoulos <=