
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_7-81-g0bc58b2


From: Simon Josefsson
Subject: [SCM] GNU gnutls branch, master, updated. gnutls_3_0_7-81-g0bc58b2
Date: Sat, 12 Nov 2011 09:24:23 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=0bc58b2bb637c30331133f713dd2f4d5da719f05

The branch, master has been updated
       via  0bc58b2bb637c30331133f713dd2f4d5da719f05 (commit)
      from  6877c6f746a7db88407f53646c290e8c44563bf4 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 0bc58b2bb637c30331133f713dd2f4d5da719f05
Author: Simon Josefsson <address@hidden>
Date:   Sat Nov 12 10:24:18 2011 +0100

    Don't export verify-high structs internally.

-----------------------------------------------------------------------

Summary of changes:
 lib/x509/verify-high.c |   62 +++++++++++++++++++++++++++++++++++++++++++++++-
 lib/x509/verify-high.h |   47 +++++++++++++++++------------------
 2 files changed, 84 insertions(+), 25 deletions(-)

diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c
index b0efe32..31eb1c0 100644
--- a/lib/x509/verify-high.c
+++ b/lib/x509/verify-high.c
@@ -20,7 +20,6 @@
  *
  */
 
-
 #include <gnutls_int.h>
 #include <gnutls_errors.h>
 #include <libtasn1.h>
@@ -34,6 +33,31 @@
 #include <common.h>
 #include "verify-high.h"
 
+struct named_cert_st {
+  gnutls_x509_crt_t cert;
+  uint8_t name[MAX_NAME_SIZE];
+  unsigned int name_size;
+};
+
+struct node_st {
+  /* The trusted certificates */
+  gnutls_x509_crt_t *trusted_cas;
+  unsigned int trusted_ca_size;
+
+  struct named_cert_st *named_certs;
+  unsigned int named_cert_size;
+
+  /* The trusted CRLs */
+  gnutls_x509_crl_t *crls;
+  unsigned int crl_size;
+};
+
+struct gnutls_x509_trust_list_st {
+  int size;
+  struct node_st *node;
+};
+
+#define INIT_HASH 0x33a1
 #define DEFAULT_SIZE 503
 
 /**
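Review bot: `size` in `struct gnutls_x509_trust_list_st` is a signed `int`, while every other count in these structs is `unsigned int`. The new `_gnutls_trustlist_inlist_p` later in this commit uses it as the modulus for a `uint32_t` hash (`hash %= list->size`) before indexing `list->node`. A zero value would divide by zero, and a negative one would convert to a huge unsigned modulus and leave `hash` outside the array; whether the init code rules both out is not visible here. I would declare it `unsigned int size;` and state the invariant next to the field, e.g. `/* presumably the number of buckets in node[]; must be > 0 */`.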
@@ -595,3 +619,39 @@ 
gnutls_x509_trust_list_verify_named_crt(gnutls_x509_trust_list_t list,
 
     return 0;
 }
+
+int
+_gnutls_trustlist_inlist_p (gnutls_x509_trust_list_t list,
+                           gnutls_x509_crt_t cert)
+{
+  gnutls_datum_t dn;
+  int ret, i;
+  uint32_t hash;
+
+  ret = gnutls_x509_crt_get_raw_dn (cert, &dn);
+  if (ret < 0)
+    {
+      gnutls_assert();
+      return ret;
+    }
+
+  hash = _gnutls_bhash(dn.data, dn.size, INIT_HASH);
+  hash %= list->size;
+
+  _gnutls_free_datum (&dn);
+
+  for (i = 0; i < list->node[hash].trusted_ca_size; i++)
+    {
+      ret = check_if_same_cert (cert, list->node[hash].trusted_cas[i]);
+      if (ret < 0)
+       {
+         gnutls_assert ();
+         return ret;
+       }
+
+      if (ret == 1)
+       return 1;
+    }
+
+  return 0;
+}
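Review bot: `_gnutls_trustlist_inlist_p` is named like a boolean predicate but returns three kinds of value, and nothing in the hunk documents that. It returns 1 on a match, 0 on no match, and a negative error code when `gnutls_x509_crt_get_raw_dn` or `check_if_same_cert` fails. A caller that writes `if (_gnutls_trustlist_inlist_p (list, cert))` would treat a failure as "certificate is in the trust list", which is the unsafe direction for a trust decision. I would add a header comment above the function such as `/* Returns 1 if cert is among the trusted CAs, 0 if not, or a negative error code; callers must compare against 1, not test for non-zero. */`. Separately, `i` is `int` while `trusted_ca_size` is `unsigned int`; declaring `unsigned int i;` removes the signed/unsigned comparison in the loop condition.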
diff --git a/lib/x509/verify-high.h b/lib/x509/verify-high.h
index c241b08..5272806 100644
--- a/lib/x509/verify-high.h
+++ b/lib/x509/verify-high.h
@@ -1,25 +1,24 @@
-struct named_cert_st {
-  gnutls_x509_crt_t cert;
-  uint8_t name[MAX_NAME_SIZE];
-  unsigned int name_size;
-};
+/*
+ * Copyright (C) 2011 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 3 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
 
-struct node_st {
-  /* The trusted certificates */
-  gnutls_x509_crt_t *trusted_cas;
-  unsigned int trusted_ca_size;
-
-  struct named_cert_st *named_certs;
-  unsigned int named_cert_size;
-
-  /* The trusted CRLs */
-  gnutls_x509_crl_t *crls;
-  unsigned int crl_size;
-};
-
-struct gnutls_x509_trust_list_st {
-  int size;
-  struct node_st *node;
-};
-
-#define INIT_HASH 0x33a1
+int _gnutls_trustlist_inlist_p (gnutls_x509_trust_list_t list,
+                               gnutls_x509_crt_t cert);
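Review bot: The rewritten `verify-high.h` has no include guard and includes nothing itself. Its only declaration uses `gnutls_x509_trust_list_t` and `gnutls_x509_crt_t`, so it compiles only when the includer has already pulled in the GnuTLS headers that define them. Wrapping the prototype in `#ifndef VERIFY_HIGH_H` / `#define VERIFY_HIGH_H` / `#endif` would make it safe to include more than once. The prototype also deserves a short comment giving the return convention (1 found, 0 not found, negative on error), since callers of this internal API see only the header.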


hooks/post-receive
-- 
GNU gnutls


