[SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0

gnutls-commit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0_19-18-g16d5

From:	Nikos Mavrogiannopoulos
Subject:	[SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0_19-18-g16d59e2
Date:	Thu, 17 May 2012 12:01:53 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=16d59e276e39c4d71a825d17a46f7fe7387ae070

The branch, gnutls_3_0_x-2 has been updated
       via  16d59e276e39c4d71a825d17a46f7fe7387ae070 (commit)
       via  3fea6560caf3ed5530363e7fe119102904794595 (commit)
      from  162e146a56bb692a5190a709224cc4b0e6abdd04 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 16d59e276e39c4d71a825d17a46f7fe7387ae070
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed May 16 19:40:45 2012 +0200

    Be more conservative with examples. 
gnutls_certificate_set_x509_system_trust() returns 
GNUTLS_E_UNIMPLEMENTED_FEATURE on systems that do not have a (known) default 
trust store.

commit 3fea6560caf3ed5530363e7fe119102904794595
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed May 16 19:28:34 2012 +0200

    Revert "updated examples"
    
    This reverts commit 559614fc7a288bf6eaf36ebe696e07b150c96be5.

-----------------------------------------------------------------------

Summary of changes:
 doc/examples/ex-client-dtls.c   |    3 ++-
 doc/examples/ex-client-resume.c |    3 ++-
 doc/examples/ex-client-srp.c    |    5 +++--
 doc/examples/ex-client-x509.c   |   10 ++++------
 doc/examples/ex-serv-x509.c     |    1 +
 lib/gnutls_x509.c               |   14 ++++++++++++--
 6 files changed, 24 insertions(+), 12 deletions(-)

diff --git a/doc/examples/ex-client-dtls.c b/doc/examples/ex-client-dtls.c
index 377c42e..21e7244 100644
--- a/doc/examples/ex-client-dtls.c
+++ b/doc/examples/ex-client-dtls.c
@@ -18,6 +18,7 @@
  */
 
 #define MAX_BUF 1024
+#define CAFILE "/etc/ssl/certs/ca-certificates.crt"
 #define MSG "GET / HTTP/1.0\r\n\r\n"
 
 extern int udp_connect (void);
@@ -39,7 +40,7 @@ main (void)
   gnutls_certificate_allocate_credentials (&xcred);
 
   /* sets the trusted cas file */
-  gnutls_certificate_set_x509_system_trust(xcred); 
+  gnutls_certificate_set_x509_trust_file (xcred, CAFILE, GNUTLS_X509_FMT_PEM);
   gnutls_certificate_set_verify_function (xcred, verify_certificate_callback);
 
   /* Initialize TLS session */
diff --git a/doc/examples/ex-client-resume.c b/doc/examples/ex-client-resume.c
index cfa3aad..c094950 100644
--- a/doc/examples/ex-client-resume.c
+++ b/doc/examples/ex-client-resume.c
@@ -16,6 +16,7 @@ extern int tcp_connect (void);
 extern void tcp_close (int sd);
 
 #define MAX_BUF 1024
+#define CAFILE "/etc/ssl/certs/ca-certificates.crt"
 #define MSG "GET / HTTP/1.0\r\n\r\n"
 
 int
@@ -38,7 +39,7 @@ main (void)
   /* X509 stuff */
   gnutls_certificate_allocate_credentials (&xcred);
 
-  gnutls_certificate_set_x509_system_trust(xcred); 
+  gnutls_certificate_set_x509_trust_file (xcred, CAFILE, GNUTLS_X509_FMT_PEM);
 
   for (t = 0; t < 2; t++)
     {                           /* connect 2 times to the server */
diff --git a/doc/examples/ex-client-srp.c b/doc/examples/ex-client-srp.c
index 172c152..7784075 100644
--- a/doc/examples/ex-client-srp.c
+++ b/doc/examples/ex-client-srp.c
@@ -18,6 +18,7 @@ extern void tcp_close (int sd);
 #define MAX_BUF 1024
 #define USERNAME "user"
 #define PASSWORD "pass"
+#define CAFILE "/etc/ssl/certs/ca-certificates.crt"
 #define MSG "GET / HTTP/1.0\r\n\r\n"
 
 int
@@ -35,8 +36,8 @@ main (void)
   gnutls_srp_allocate_client_credentials (&srp_cred);
   gnutls_certificate_allocate_credentials (&cert_cred);
 
-  gnutls_certificate_set_x509_system_trust(cert_cred); 
-
+  gnutls_certificate_set_x509_trust_file (cert_cred, CAFILE,
+                                          GNUTLS_X509_FMT_PEM);
   gnutls_srp_set_client_credentials (srp_cred, USERNAME, PASSWORD);
 
   /* connects to server
diff --git a/doc/examples/ex-client-x509.c b/doc/examples/ex-client-x509.c
index e442886..c914ba7 100644
--- a/doc/examples/ex-client-x509.c
+++ b/doc/examples/ex-client-x509.c
@@ -17,7 +17,7 @@
  */
 
 #define MAX_BUF 1024
-/* #define CAFILE "/etc/ssl/certs/ca-certificates.crt" */
+#define CAFILE "/etc/ssl/certs/ca-certificates.crt"
 #define MSG "GET / HTTP/1.0\r\n\r\n"
 
 extern int tcp_connect (void);
@@ -37,12 +37,10 @@ int main (void)
   /* X509 stuff */
   gnutls_certificate_allocate_credentials (&xcred);
 
-  /* sets the trusted cas to be the system ones
+  /* sets the trusted cas file
    */
-  gnutls_certificate_set_x509_system_trust(xcred); 
-  /* gnutls_certificate_set_x509_trust_file (xcred, CAFILE, 
GNUTLS_X509_FMT_PEM); 
-   */
-
+  /* gnutls_certificate_set_x509_system_trust(xcred); */
+  gnutls_certificate_set_x509_trust_file (xcred, CAFILE, GNUTLS_X509_FMT_PEM);
   gnutls_certificate_set_verify_function (xcred, _verify_certificate_callback);
   
   /* If client holds a certificate it can be set using the following:
diff --git a/doc/examples/ex-serv-x509.c b/doc/examples/ex-serv-x509.c
index dedd1a1..a8dc20e 100644
--- a/doc/examples/ex-serv-x509.c
+++ b/doc/examples/ex-serv-x509.c
@@ -84,6 +84,7 @@ main (void)
   gnutls_global_init ();
 
   gnutls_certificate_allocate_credentials (&x509_cred);
+  /* gnutls_certificate_set_x509_system_trust(xcred); */
   gnutls_certificate_set_x509_trust_file (x509_cred, CAFILE,
                                           GNUTLS_X509_FMT_PEM);
 
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c
index e859a1f..4f15ea1 100644
--- a/lib/gnutls_x509.c
+++ b/lib/gnutls_x509.c
@@ -1590,7 +1590,7 @@ gnutls_certificate_set_x509_trust_file 
(gnutls_certificate_credentials_t cred,
 
 #ifdef DEFAULT_TRUST_STORE_FILE
 static int
-_gnutls_certificate_set_x509_system_trust_file 
(gnutls_certificate_credentials_t cred)
+set_x509_system_trust_file (gnutls_certificate_credentials_t cred)
 {
   int ret;
   gnutls_datum_t cas;
@@ -1625,6 +1625,9 @@ _gnutls_certificate_set_x509_system_trust_file 
(gnutls_certificate_credentials_t
  * This function adds the system's default trusted CAs in order to
  * verify client or server certificates.
  *
+ * In the case the system is currently unsupported 
%GNUTLS_E_UNIMPLEMENTED_FEATURE
+ * is returned.
+ *
  * Returns: the number of certificates processed or a negative error code
  * on error.
  *
@@ -1633,17 +1636,24 @@ _gnutls_certificate_set_x509_system_trust_file 
(gnutls_certificate_credentials_t
 int
 gnutls_certificate_set_x509_system_trust (gnutls_certificate_credentials_t 
cred)
 {
+#if !defined(DEFAULT_TRUST_STORE_PKCS11) && !defined(DEFAULT_TRUST_STORE_FILE)
+  int r = GNUTLS_E_UNIMPLEMENTED_FEATURE;
+#else
   int ret, r = 0;
+#endif
+
 #if defined(ENABLE_PKCS11) && defined(DEFAULT_TRUST_STORE_PKCS11)
   ret = read_cas_url (cred, DEFAULT_TRUST_STORE_PKCS11);
   if (ret > 0)
     r += ret;
 #endif
+
 #ifdef DEFAULT_TRUST_STORE_FILE
-  ret = _gnutls_certificate_set_x509_system_trust_file(cred);
+  ret = set_x509_system_trust_file(cred);
   if (ret > 0)
     r += ret;
 #endif
+
   return r;
 }
 


hooks/post-receive
-- 
GNU gnutls

[Prev in Thread]

Current Thread

[Next in Thread]

[SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0_19-18-g16d59e2, Nikos Mavrogiannopoulos <=

Prev by Date: [SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0_19-16-g162e146
Next by Date: [SCM] GNU gnutls branch, master, updated. gnutls_3_0_18-62-g2a5f15c
Previous by thread: [SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0_19-16-g162e146
Next by thread: [SCM] GNU gnutls branch, master, updated. gnutls_3_0_18-62-g2a5f15c
Index(es):
- Date
- Thread