[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_2_99_3-1-g720abdb
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_2_99_3-1-g720abdb |
|
Date: |
Sun, 19 Jun 2011 08:00:37 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=720abdba139609e14059cfc32c10613d563290d5
The branch, master has been updated
via 720abdba139609e14059cfc32c10613d563290d5 (commit)
from 06eaa93dc23fdb92113420cd4dd473636d12f21e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 720abdba139609e14059cfc32c10613d563290d5
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Jun 19 09:46:56 2011 +0200
indented code.
Corrected PKCS #11 example.
-----------------------------------------------------------------------
Summary of changes:
doc/cha-cert-auth.texi | 55 ++++++++-------------------------------
doc/examples/Makefile.am | 2 +-
doc/examples/ex-cert-select.c | 18 +++++++------
doc/examples/ex-client-udp.c | 4 +-
doc/examples/ex-crq.c | 4 +-
doc/examples/ex-pkcs11-list.c | 48 ++++++++++++++++++++++++++++++++++
doc/examples/ex-session-info.c | 6 ++--
doc/examples/ex-verify.c | 36 ++++++++++++++-----------
8 files changed, 98 insertions(+), 75 deletions(-)
create mode 100644 doc/examples/ex-pkcs11-list.c
diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi
index a18b63f..b51a3ed 100644
--- a/doc/cha-cert-auth.texi
+++ b/doc/cha-cert-auth.texi
@@ -496,56 +496,25 @@ char* url;
gnutls_global_init();
-for (i=0;;i++) {
- ret = gnutls_pkcs11_token_get_url(i, &url);
- if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
- break;
-
- if (ret < 0)
- exit(1);
+for (i=0;;i++)
+ {
+ ret = gnutls_pkcs11_token_get_url(i, &url);
+ if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+ break;
+
+ if (ret < 0)
+ exit(1);
- fprintf(stdout, "Token[%d]: URL: %s\n", i, url);
- gnutls_free(url);
-}
+ fprintf(stdout, "Token[%d]: URL: %s\n", i, url);
+ gnutls_free(url);
+ }
gnutls_global_deinit();
@end verbatim
The next one will list all certificates in a token, that have a corresponding
private key:
address@hidden
-gnutls_pkcs11_obj_t *obj_list;
-unsigned int obj_list_size = 0;
-gnutls_datum_t cinfo;
-int i;
-
-obj_list_size = 0;
-ret = gnutls_pkcs11_obj_list_import_url( obj_list, NULL, url, \
- GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY);
-if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
- exit(1);
-
-/* no error checking from now on */
-obj_list = malloc(sizeof(*obj_list)*obj_list_size);
-
-gnutls_pkcs11_obj_list_import_url( obj_list, &obj_list_size, url, flags);
-
-/* now all certificates are in obj_list */
-for (i=0;i<obj_list_size;i++) {
-
- gnutls_x509_crt_init(&xcrt);
-
- gnutls_x509_crt_import_pkcs11(xcrt, obj_list[i]);
-
- gnutls_x509_crt_print (xcrt, GNUTLS_CRT_PRINT_FULL, &cinfo);
-
- fprintf(stdout, "cert[%d]:\n %s\n\n", cinfo.data);
-
- gnutls_free(cinfo.data);
- gnutls_x509_crt_deinit(&xcrt);
-}
address@hidden verbatim
-
address@hidden examples/ex-pkcs11-list.c
@subsection Writing Objects
diff --git a/doc/examples/Makefile.am b/doc/examples/Makefile.am
index 112614f..692ac6b 100644
--- a/doc/examples/Makefile.am
+++ b/doc/examples/Makefile.am
@@ -81,4 +81,4 @@ noinst_LTLIBRARIES = libexamples.la
libexamples_la_SOURCES = examples.h ex-alert.c ex-pkcs12.c \
ex-session-info.c ex-x509-info.c ex-verify.c \
- tcp.c udp.c
+ tcp.c udp.c ex-pkcs11-list.c
diff --git a/doc/examples/ex-cert-select.c b/doc/examples/ex-cert-select.c
index 461820c..43f666f 100644
--- a/doc/examples/ex-cert-select.c
+++ b/doc/examples/ex-cert-select.c
@@ -35,8 +35,8 @@ static int
cert_callback (gnutls_session_t session,
const gnutls_datum_t * req_ca_rdn, int nreqs,
const gnutls_pk_algorithm_t * sign_algos,
- int sign_algos_length, gnutls_pcert_st** pcert,
- unsigned int *pcert_length, gnutls_privkey_t* pkey);
+ int sign_algos_length, gnutls_pcert_st ** pcert,
+ unsigned int *pcert_length, gnutls_privkey_t * pkey);
gnutls_pcert_st crt;
gnutls_privkey_t key;
@@ -88,8 +88,8 @@ load_keys (void)
fprintf (stderr, "*** Error loading certificate file.\n");
exit (1);
}
-
- ret = gnutls_pcert_import_x509_raw(&crt, &data, GNUTLS_X509_FMT_PEM, 0);
+
+ ret = gnutls_pcert_import_x509_raw (&crt, &data, GNUTLS_X509_FMT_PEM, 0);
if (ret < 0)
{
fprintf (stderr, "*** Error loading certificate file: %s\n",
@@ -118,10 +118,12 @@ load_keys (void)
gnutls_privkey_init (&key);
- ret = gnutls_privkey_import_x509(key, x509_key,
GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
+ ret =
+ gnutls_privkey_import_x509 (key, x509_key,
+ GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
if (ret < 0)
{
- fprintf (stderr, "*** Error importing key: %s\n",
+ fprintf (stderr, "*** Error importing key: %s\n",
gnutls_strerror (ret));
exit (1);
}
@@ -237,8 +239,8 @@ static int
cert_callback (gnutls_session_t session,
const gnutls_datum_t * req_ca_rdn, int nreqs,
const gnutls_pk_algorithm_t * sign_algos,
- int sign_algos_length, gnutls_pcert_st** pcert,
- unsigned int *pcert_length, gnutls_privkey_t* pkey)
+ int sign_algos_length, gnutls_pcert_st ** pcert,
+ unsigned int *pcert_length, gnutls_privkey_t * pkey)
{
char issuer_dn[256];
int i, ret;
diff --git a/doc/examples/ex-client-udp.c b/doc/examples/ex-client-udp.c
index f49d3d2..a2e6ccc 100644
--- a/doc/examples/ex-client-udp.c
+++ b/doc/examples/ex-client-udp.c
@@ -42,7 +42,7 @@ main (void)
gnutls_certificate_set_x509_trust_file (xcred, CAFILE, GNUTLS_X509_FMT_PEM);
/* Initialize TLS session */
- gnutls_init (&session, GNUTLS_CLIENT|GNUTLS_DATAGRAM);
+ gnutls_init (&session, GNUTLS_CLIENT | GNUTLS_DATAGRAM);
/* Use default priorities */
ret = gnutls_priority_set_direct (session, "NORMAL", &err);
@@ -62,7 +62,7 @@ main (void)
sd = udp_connect ();
gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
-
+
/* set the connection MTU */
gnutls_dtls_set_mtu (session, 1000);
diff --git a/doc/examples/ex-crq.c b/doc/examples/ex-crq.c
index 4b5f337..6f92f11 100644
--- a/doc/examples/ex-crq.c
+++ b/doc/examples/ex-crq.c
@@ -21,7 +21,7 @@ main (void)
{
gnutls_x509_crq_t crq;
gnutls_x509_privkey_t key;
- gnutls_privkey_t pkey; /* object used for signing */
+ gnutls_privkey_t pkey; /* object used for signing */
unsigned char buffer[10 * 1024];
size_t buffer_size = sizeof (buffer);
unsigned int bits;
@@ -63,7 +63,7 @@ main (void)
/* Self sign the certificate request.
*/
- gnutls_privkey_import_x509( pkey, key, 0);
+ gnutls_privkey_import_x509 (pkey, key, 0);
gnutls_x509_crq_privkey_sign (crq, pkey, GNUTLS_DIG_SHA1, 0);
/* Export the PEM encoded certificate request, and
diff --git a/doc/examples/ex-pkcs11-list.c b/doc/examples/ex-pkcs11-list.c
new file mode 100644
index 0000000..2f222bc
--- /dev/null
+++ b/doc/examples/ex-pkcs11-list.c
@@ -0,0 +1,48 @@
+#include <gnutls/gnutls.h>
+#include <gnutls/pkcs11.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#define URL "pkcs11:URL"
+
+int
+main ()
+{
+ gnutls_pkcs11_obj_t *obj_list;
+ gnutls_x509_crt_t xcrt;
+ unsigned int obj_list_size = 0;
+ gnutls_datum_t cinfo;
+ int i, ret;
+
+ obj_list_size = 0;
+ ret = gnutls_pkcs11_obj_list_import_url (NULL, &obj_list_size, URL,
+
GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY,
+ 0);
+ if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
+ return -1;
+
+/* no error checking from now on */
+ obj_list = malloc (sizeof (*obj_list) * obj_list_size);
+
+ gnutls_pkcs11_obj_list_import_url (obj_list, &obj_list_size, URL,
+ GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY,
+ 0);
+
+/* now all certificates are in obj_list */
+ for (i = 0; i < obj_list_size; i++)
+ {
+
+ gnutls_x509_crt_init (&xcrt);
+
+ gnutls_x509_crt_import_pkcs11 (xcrt, obj_list[i]);
+
+ gnutls_x509_crt_print (xcrt, GNUTLS_CRT_PRINT_FULL, &cinfo);
+
+ fprintf (stdout, "cert[%d]:\n %s\n\n", i, cinfo.data);
+
+ gnutls_free (cinfo.data);
+ gnutls_x509_crt_deinit (xcrt);
+ }
+
+ return 0;
+}
diff --git a/doc/examples/ex-session-info.c b/doc/examples/ex-session-info.c
index 19fe5f9..e5f0b54 100644
--- a/doc/examples/ex-session-info.c
+++ b/doc/examples/ex-session-info.c
@@ -68,7 +68,7 @@ print_info (gnutls_session_t session)
case GNUTLS_CRD_ANON: /* anonymous authentication */
- printf("- Anonymous authentication.\n");
+ printf ("- Anonymous authentication.\n");
if (kx == GNUTLS_KX_ANON_ECDH)
ecdh = 1;
else if (kx == GNUTLS_KX_ANON_DH)
@@ -92,8 +92,8 @@ print_info (gnutls_session_t session)
} /* switch */
if (ecdh != 0)
- printf("- Ephemeral ECDH using curve %s\n",
- gnutls_ecc_curve_get_name(gnutls_ecc_curve_get(session)));
+ printf ("- Ephemeral ECDH using curve %s\n",
+ gnutls_ecc_curve_get_name (gnutls_ecc_curve_get (session)));
else if (dhe != 0)
printf ("- Ephemeral DH using prime of %d bits\n",
gnutls_dh_get_prime_bits (session));
diff --git a/doc/examples/ex-verify.c b/doc/examples/ex-verify.c
index 5d34921..0d52429 100644
--- a/doc/examples/ex-verify.c
+++ b/doc/examples/ex-verify.c
@@ -22,9 +22,10 @@ int crl_list_size;
gnutls_x509_crt_t *ca_list;
int ca_list_size;
-static int print_details_func(gnutls_x509_crt_t cert,
- gnutls_x509_crt_t issuer, gnutls_x509_crl_t crl,
- unsigned int verification_output);
+static int print_details_func (gnutls_x509_crt_t cert,
+ gnutls_x509_crt_t issuer,
+ gnutls_x509_crl_t crl,
+ unsigned int verification_output);
/* This function will try to verify the peer's certificate chain, and
* also check if the hostname matches.
@@ -37,18 +38,18 @@ verify_certificate_chain (const char *hostname,
int i;
gnutls_x509_trust_list_t tlist;
gnutls_x509_crt_t *cert;
-
+
unsigned int output;
/* Initialize the trusted certificate list. This should be done
* once on initialization. gnutls_x509_crt_list_import2() and
* gnutls_x509_crl_list_import2() can be used to load them.
*/
- gnutls_x509_trust_list_init(&tlist, 0);
+ gnutls_x509_trust_list_init (&tlist, 0);
- gnutls_x509_trust_list_add_cas(tlist, ca_list, ca_list_size, 0);
- gnutls_x509_trust_list_add_crls(tlist, crl_list, crl_list_size,
- GNUTLS_TL_VERIFY_CRL, 0);
+ gnutls_x509_trust_list_add_cas (tlist, ca_list, ca_list_size, 0);
+ gnutls_x509_trust_list_add_crls (tlist, crl_list, crl_list_size,
+ GNUTLS_TL_VERIFY_CRL, 0);
cert = malloc (sizeof (*cert) * cert_chain_length);
@@ -61,15 +62,17 @@ verify_certificate_chain (const char *hostname,
gnutls_x509_crt_import (cert[i], &cert_chain[i], GNUTLS_X509_FMT_DER);
}
- gnutls_x509_trust_list_verify_named_crt(tlist, cert[0], hostname,
strlen(hostname),
- GNUTLS_VERIFY_DISABLE_CRL_CHECKS, &output, print_details_func);
+ gnutls_x509_trust_list_verify_named_crt (tlist, cert[0], hostname,
+ strlen (hostname),
+ GNUTLS_VERIFY_DISABLE_CRL_CHECKS,
+ &output, print_details_func);
/* if this certificate is not explicitly trusted verify against CAs
*/
if (output != 0)
{
- gnutls_x509_trust_list_verify_crt(tlist, cert, cert_chain_length, 0,
- &output, print_details_func);
+ gnutls_x509_trust_list_verify_crt (tlist, cert, cert_chain_length, 0,
+ &output, print_details_func);
}
if (output & GNUTLS_CERT_INVALID)
@@ -98,14 +101,15 @@ verify_certificate_chain (const char *hostname,
hostname);
}
- gnutls_x509_trust_list_deinit(tlist, 1);
+ gnutls_x509_trust_list_deinit (tlist, 1);
return;
}
-static int print_details_func(gnutls_x509_crt_t cert,
- gnutls_x509_crt_t issuer, gnutls_x509_crl_t crl,
- unsigned int verification_output)
+static int
+print_details_func (gnutls_x509_crt_t cert,
+ gnutls_x509_crt_t issuer, gnutls_x509_crl_t crl,
+ unsigned int verification_output)
{
char name[512];
char issuer_name[512];
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_2_99_3-1-g720abdb,
Nikos Mavrogiannopoulos <=