[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, gnutls_3_1_x, updated. gnutls_3_1_1-3-g8a867c7
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, gnutls_3_1_x, updated. gnutls_3_1_1-3-g8a867c7 |
Date: |
Mon, 03 Sep 2012 19:53:07 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=8a867c7c7f80386fb60f848fc421188f3c49a242
The branch, gnutls_3_1_x has been updated
via 8a867c7c7f80386fb60f848fc421188f3c49a242 (commit)
via c39d779e15c3b5173ca61a513b2a4c8e621a9c87 (commit)
from 231ff8b297fdbb475da8da2a5472da2b0030df39 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 8a867c7c7f80386fb60f848fc421188f3c49a242
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Sep 3 21:50:46 2012 +0200
documented fix
commit c39d779e15c3b5173ca61a513b2a4c8e621a9c87
Author: Marti Raudsepp <address@hidden>
Date: Mon Sep 3 20:58:54 2012 +0300
Fix gnutls_x509_trust_list_add_trust_mem with DER-format certificates.
The function took a "type" argument and then happily proceeded to ignore
it and try PEM format anyway.
Most importantly, this makes gnutls_x509_trust_list_add_system_trust
work on Windows, which loads DER certificates using this function. I'll
be damned if that actually ever worked properly -- certainly not in any
git version. :)
Also added test for gnutls_x509_trust_list_add_trust_mem.
Signed-off-by: Nikos Mavrogiannopoulos <address@hidden>
-----------------------------------------------------------------------
Summary of changes:
NEWS | 10 ++++++++
lib/x509/verify-high2.c | 4 +-
tests/x509cert-tl.c | 54 +++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 66 insertions(+), 2 deletions(-)
diff --git a/NEWS b/NEWS
index c733a92..6514e1c 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,16 @@ GnuTLS NEWS -- History of user-visible changes.
-*- outline -*-
Copyright (C) 2000-2012 Free Software Foundation, Inc.
See the end for copying conditions.
+* Version 3.1.2 (unreleased)
+
+** lbignutls: Fixed bug in gnutls_x509_trust_list_add_system_trust()
+and gnutls_x509_trust_list_add_trust_mem() that prevented the loading
+of certificates in the windows platform.
+
+** API and ABI modifications:
+No changes since last version.
+
+
* Version 3.1.1 (released 2012-09-02)
** gnutls-serv: Listens on IPv6. Patch by Bernhard R. Link.
diff --git a/lib/x509/verify-high2.c b/lib/x509/verify-high2.c
index d76a0f2..b0d5471 100644
--- a/lib/x509/verify-high2.c
+++ b/lib/x509/verify-high2.c
@@ -69,7 +69,7 @@ gnutls_x509_trust_list_add_trust_mem(gnutls_x509_trust_list_t
list,
if (cas != NULL && cas->data != NULL)
{
- ret = gnutls_x509_crt_list_import2( &x509_ca_list, &x509_ncas, cas,
GNUTLS_X509_FMT_PEM, 0);
+ ret = gnutls_x509_crt_list_import2( &x509_ca_list, &x509_ncas, cas,
type, 0);
if (ret < 0)
return gnutls_assert_val(ret);
@@ -84,7 +84,7 @@ gnutls_x509_trust_list_add_trust_mem(gnutls_x509_trust_list_t
list,
if (crls != NULL && crls->data != NULL)
{
- ret = gnutls_x509_crl_list_import2( &x509_crl_list, &x509_ncrls, crls,
GNUTLS_X509_FMT_PEM, 0);
+ ret = gnutls_x509_crl_list_import2( &x509_crl_list, &x509_ncrls, crls,
type, 0);
if (ret < 0)
return gnutls_assert_val(ret);
diff --git a/tests/x509cert-tl.c b/tests/x509cert-tl.c
index b0831be..0c43272 100644
--- a/tests/x509cert-tl.c
+++ b/tests/x509cert-tl.c
@@ -131,6 +131,46 @@ static unsigned char server_key_pem[] =
"LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n"
"-----END RSA PRIVATE KEY-----\n";
+static unsigned char cert_der[602] =
+ "\x30\x82\x02\x56\x30\x82\x01\xc1\xa0\x03\x02\x01\x02\x02\x04\x46"
+ "\x26\x1d\x31\x30\x0b\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05"
+ "\x30\x19\x31\x17\x30\x15\x06\x03\x55\x04\x03\x13\x0e\x47\x6e\x75"
+ "\x54\x4c\x53\x20\x74\x65\x73\x74\x20\x43\x41\x30\x1e\x17\x0d\x30"
+ "\x37\x30\x34\x31\x38\x31\x33\x32\x39\x32\x31\x5a\x17\x0d\x30\x38"
+ "\x30\x34\x31\x37\x31\x33\x32\x39\x32\x31\x5a\x30\x37\x31\x1b\x30"
+ "\x19\x06\x03\x55\x04\x0a\x13\x12\x47\x6e\x75\x54\x4c\x53\x20\x74"
+ "\x65\x73\x74\x20\x73\x65\x72\x76\x65\x72\x31\x18\x30\x16\x06\x03"
+ "\x55\x04\x03\x13\x0f\x74\x65\x73\x74\x2e\x67\x6e\x75\x74\x6c\x73"
+ "\x2e\x6f\x72\x67\x30\x81\x9c\x30\x0b\x06\x09\x2a\x86\x48\x86\xf7"
+ "\x0d\x01\x01\x01\x03\x81\x8c\x00\x30\x81\x88\x02\x81\x80\xd7\xba"
+ "\x5c\xaf\xa3\x0c\xf0\x2e\xa9\x27\x56\xaa\x53\x8e\xa8\xeb\x7f\x81"
+ "\x75\x4c\x6b\x98\xbe\x4a\xea\xb7\x1e\xf8\x4b\xc3\x6a\xc4\xda\x0d"
+ "\x00\xb8\xea\x4c\x13\x1f\x36\x16\x93\xde\x72\xef\xc6\xa4\x5e\xb2"
+ "\x6e\xb6\xca\x0a\x88\x55\x75\x90\x96\xed\xa6\x57\xbc\x0c\x3b\x76"
+ "\x0d\x97\x1e\xbd\xe9\xec\x7f\xd3\xa9\xec\xfb\x85\x64\xa0\x6b\xa0"
+ "\x48\xce\x77\x7e\x73\x9c\x31\x13\xff\x3d\xc8\xae\xa5\x60\x6e\xd9"
+ "\xb6\x8c\x5a\x9a\x6f\xb6\xbe\x9f\x6a\xbd\xa7\xf0\xa0\x33\x27\xf5"
+ "\xb7\x1d\x92\xe5\x96\x9c\x73\x52\xd6\x9f\xd6\xc8\x8e\xb1\x02\x03"
+ "\x01\x00\x01\xa3\x81\x93\x30\x81\x90\x30\x0c\x06\x03\x55\x1d\x13"
+ "\x01\x01\xff\x04\x02\x30\x00\x30\x1a\x06\x03\x55\x1d\x11\x04\x13"
+ "\x30\x11\x82\x0f\x74\x65\x73\x74\x2e\x67\x6e\x75\x74\x6c\x73\x2e"
+ "\x6f\x72\x67\x30\x13\x06\x03\x55\x1d\x25\x04\x0c\x30\x0a\x06\x08"
+ "\x2b\x06\x01\x05\x05\x07\x03\x01\x30\x0f\x06\x03\x55\x1d\x0f\x01"
+ "\x01\xff\x04\x05\x03\x03\x07\xa0\x00\x30\x1d\x06\x03\x55\x1d\x0e"
+ "\x04\x16\x04\x14\xeb\xc7\x45\x6e\xe5\xf8\x25\xca\x8c\x8d\x83\x0d"
+ "\x74\xe9\x86\xd4\xdd\x55\xb4\x75\x30\x1f\x06\x03\x55\x1d\x23\x04"
+ "\x18\x30\x16\x80\x14\xe9\x3c\x1c\xfb\xad\x92\x6e\xe6\x06\xa4\x56"
+ "\x2c\xa2\xe1\xc0\x53\x27\xc8\xf2\x95\x30\x0b\x06\x09\x2a\x86\x48"
+ "\x86\xf7\x0d\x01\x01\x05\x03\x81\x81\x00\x68\x51\x0f\x4e\xdf\xbb"
+ "\x6f\x3b\xc1\xb8\xe7\xfb\xf9\x09\x9e\x41\xc9\xf6\xf6\x44\xfa\x06"
+ "\xcc\xa1\xd5\x11\xc9\x5d\xff\x0a\x4e\x4e\x50\x45\xfc\x29\xea\x88"
+ "\x1b\xa7\xde\x09\x41\x67\x0d\x43\xf4\xbb\x60\x31\x47\x82\x50\xf5"
+ "\x03\x05\x0d\x05\x15\xf0\x77\x7a\xe2\x52\xc3\x27\xb3\x18\x1e\x48"
+ "\x3c\x58\x05\xf2\x58\x6c\x32\xde\xa2\x13\x41\xb2\xa6\x8f\x0c\x96"
+ "\xfb\x5d\xa8\xa5\x59\xb3\x10\x29\xf0\x1b\x15\x0f\x1c\x9c\xec\x60"
+ "\xac\xe2\x8b\x51\x04\x56\x27\x42\xb7\x1f\x25\xd1\x32\x16\xea\x8d"
+ "\xd2\xc8\x69\x08\x82\xbd\x02\xee\x8b\x3a";
+
const gnutls_datum_t server_key = { server_key_pem,
sizeof (server_key_pem)
};
@@ -151,6 +191,7 @@ void
doit (void)
{
int ret;
+ gnutls_datum_t data;
gnutls_x509_crt_t server_crt, ca_crt;
gnutls_x509_trust_list_t tl;
unsigned int status;
@@ -201,6 +242,19 @@ doit (void)
if (ret < 0 || status == 0)
fail("gnutls_x509_trust_list_verify_named_crt: %d\n", __LINE__);
+ /* test convenience functions in verify-high2.c */
+ data.data = cert_pem;
+ data.size = strlen(cert_pem);
+ ret = gnutls_x509_trust_list_add_trust_mem(tl, &data, NULL,
GNUTLS_X509_FMT_PEM, 0, 0);
+ if (ret < 1)
+ fail("gnutls_x509_trust_list_add_trust_mem: %d\n", __LINE__);
+
+ data.data = cert_der;
+ data.size = sizeof(cert_der);
+ ret = gnutls_x509_trust_list_add_trust_mem(tl, &data, NULL,
GNUTLS_X509_FMT_DER, 0, 0);
+ if (ret < 1)
+ fail("gnutls_x509_trust_list_add_trust_mem: %d\n", __LINE__);
+
gnutls_x509_crt_deinit(ca_crt);
gnutls_x509_crt_deinit(server_crt);
gnutls_x509_trust_list_deinit(tl, 0);
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, gnutls_3_1_x, updated. gnutls_3_1_1-3-g8a867c7,
Nikos Mavrogiannopoulos <=