[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-56-ga7a64ea
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-56-ga7a64ea |
|
Date: |
Wed, 21 Nov 2012 21:24:16 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=a7a64ea8eeabf0098f3af83a3ca7b84dbebbf969
The branch, master has been updated
via a7a64ea8eeabf0098f3af83a3ca7b84dbebbf969 (commit)
via 45bce4b8726edb9773c016125401500e7cace021 (commit)
via fcd18567c570671284cd06b2f6e68e77df7e9268 (commit)
from c781989b10e571b76d1a8c50d4a2f18c3b59677b (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit a7a64ea8eeabf0098f3af83a3ca7b84dbebbf969
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Nov 21 22:23:30 2012 +0100
danetool is being built even without libgnutls-dane.
The --check functionality is not operational though. It can
only generate tlsa records.
commit 45bce4b8726edb9773c016125401500e7cace021
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Nov 21 22:10:25 2012 +0100
Added test on UTF-8 certificate generation.
commit fcd18567c570671284cd06b2f6e68e77df7e9268
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Nov 21 21:38:40 2012 +0100
removed redundant check
-----------------------------------------------------------------------
Summary of changes:
NEWS | 3 +
doc/invoke-danetool.texi | 4 +-
lib/x509/dn.c | 4 +-
src/Makefile.am | 9 +-
src/danetool-args.c | 188 +++++++++++++++++-----------------
src/danetool-args.def | 2 +-
src/danetool-args.h | 2 +-
src/danetool.c | 15 ++-
tests/cert-tests/Makefile.am | 2 +-
tests/cert-tests/template-test | 18 ++++
tests/cert-tests/template-utf8.pem | 19 ++++
tests/cert-tests/template-utf8.tmpl | 27 +++++
12 files changed, 182 insertions(+), 111 deletions(-)
create mode 100644 tests/cert-tests/template-utf8.pem
create mode 100644 tests/cert-tests/template-utf8.tmpl
diff --git a/NEWS b/NEWS
index dee4b16..971a366 100644
--- a/NEWS
+++ b/NEWS
@@ -27,6 +27,9 @@ an easier to parse format.
** p11tool: After key generation, outputs the public key (useful in
tokens that do not store the public key).
+** danetool: It is being built even without libgnutls-dane (the
+--check functionality is disabled though).
+
** API and ABI modifications:
gnutls_pkcs11_privkey_generate2: Added
gnutls_x509_crt_get_policy: Added
diff --git a/doc/invoke-danetool.texi b/doc/invoke-danetool.texi
index 79ff397..e03e609 100644
--- a/doc/invoke-danetool.texi
+++ b/doc/invoke-danetool.texi
@@ -6,7 +6,7 @@
#
# DO NOT EDIT THIS FILE (invoke-danetool.texi)
#
-# It has been AutoGen-ed November 8, 2012 at 11:40:20 PM by AutoGen 5.16
+# It has been AutoGen-ed November 21, 2012 at 10:20:05 PM by AutoGen 5.16
# From the definitions ../src/danetool-args.def
# and the template file agtexi-cmd.tpl
@end ignore
@@ -105,7 +105,7 @@ Available hash functions are SHA1, RMD160, SHA256, SHA384,
SHA512.
@anchor{danetool check}
@subheading check option
-This is the ``check dane tlsa entry.'' option.
+This is the ``check a host's dane tlsa entry.'' option.
This option takes an argument string.
Obtains the DANE TLSA entry from the given hostname and prints information.
@anchor{danetool local-dns}
diff --git a/lib/x509/dn.c b/lib/x509/dn.c
index 238e28e..89a07e6 100644
--- a/lib/x509/dn.c
+++ b/lib/x509/dn.c
@@ -627,8 +627,8 @@ static int is_printable(char p)
{
if ((p >= 'a' && p <= 'z') || (p >= 'A' && p <= 'Z') ||
(p >= '0' && p <= '9') || p == ' ' || p == '(' || p == ')' ||
- p == '(' || p == '+' || p == ',' || p == '-' || p == '.' ||
- p == '/' || p == ':' || p == '=' || p == '?')
+ p == '+' || p == ',' || p == '-' || p == '.' || p == '/' ||
+ p == ':' || p == '=' || p == '?')
return 1;
return 0;
diff --git a/src/Makefile.am b/src/Makefile.am
index 8f5a4b1..5aebf20 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -46,9 +46,8 @@ endif
if ENABLE_OCSP
bin_PROGRAMS += ocsptool
endif
-if ENABLE_DANE
+
bin_PROGRAMS += danetool
-endif
if ENABLE_TROUSERS
bin_PROGRAMS += tpmtool
@@ -141,12 +140,12 @@ libcmd_certtool_la_LIBADD += $(LIBOPTS_LDADD) $(LTLIBINTL)
libcmd_certtool_la_LIBADD += $(LTLIBREADLINE)
libcmd_certtool_la_LIBADD += $(INET_PTON_LIB)
-if ENABLE_DANE
-
danetool_SOURCES = danetool.c certtool-common.c certtool-extras.c common.c
danetool_LDADD = ../lib/libgnutls.la
danetool_LDADD += libcmd-danetool.la ../gl/libgnu.la
+if ENABLE_DANE
danetool_LDADD += ../libdane/libgnutls-dane.la
+endif
noinst_LTLIBRARIES += libcmd-danetool.la
libcmd_danetool_la_CFLAGS =
@@ -157,8 +156,6 @@ libcmd_danetool_la_LIBADD += $(LIBOPTS_LDADD) $(LTLIBINTL)
libcmd_danetool_la_LIBADD += $(LTLIBREADLINE)
libcmd_danetool_la_LIBADD += $(INET_PTON_LIB)
-endif #ENABLE_DANE
-
# p11 tool
if ENABLE_PKCS11
diff --git a/src/danetool-args.c b/src/danetool-args.c
index d9f305b..2303e52 100644
--- a/src/danetool-args.c
+++ b/src/danetool-args.c
@@ -2,7 +2,7 @@
*
* DO NOT EDIT THIS FILE (danetool-args.c)
*
- * It has been AutoGen-ed November 8, 2012 at 11:35:55 PM by AutoGen 5.16
+ * It has been AutoGen-ed November 21, 2012 at 10:22:22 PM by AutoGen 5.16
* From the definitions danetool-args.def
* and the template file options
*
@@ -67,7 +67,7 @@ extern FILE * option_usage_fp;
/*
* danetool option static const strings
*/
-static char const danetool_opt_strs[2260] =
+static char const danetool_opt_strs[2269] =
/* 0 */ "danetool @address@hidden"
"Copyright (C) 2000-2012 Free Software Foundation, all rights
reserved.\n"
"This is free software. It is licensed for use, modification and\n"
@@ -105,55 +105,55 @@ static char const danetool_opt_strs[2260] =
/* 1110 */ "Hash algorithm to use for signing.\0"
/* 1145 */ "HASH\0"
/* 1150 */ "hash\0"
-/* 1155 */ "Check DANE TLSA entry.\0"
-/* 1178 */ "CHECK\0"
-/* 1184 */ "check\0"
-/* 1190 */ "Use the local DNS server for DNSSEC resolving.\0"
-/* 1237 */ "LOCAL_DNS\0"
-/* 1247 */ "no-local-dns\0"
-/* 1260 */ "no\0"
-/* 1263 */ "Use DER format for input certificates and private keys.\0"
-/* 1319 */ "INDER\0"
-/* 1325 */ "no-inder\0"
-/* 1334 */ "This is an alias for 'inder'\0"
-/* 1363 */ "inraw\0"
-/* 1369 */ "Print the DANE RR data on a certificate or public key\0"
-/* 1423 */ "TLSA_RR\0"
-/* 1431 */ "tlsa-rr\0"
-/* 1439 */ "Specify the hostname to be used in the DANE RR\0"
-/* 1486 */ "HOST\0"
-/* 1491 */ "host\0"
-/* 1496 */ "The protocol set for DANE data (tcp, udp etc.)\0"
-/* 1543 */ "PROTO\0"
-/* 1549 */ "proto\0"
-/* 1555 */ "Specify the port number for the DANE data.\0"
-/* 1598 */ "PORT\0"
-/* 1603 */ "port\0"
-/* 1608 */ "Whether the provided certificate or public key is a Certificate\n"
+/* 1155 */ "Check a host's DANE TLSA entry.\0"
+/* 1187 */ "CHECK\0"
+/* 1193 */ "check\0"
+/* 1199 */ "Use the local DNS server for DNSSEC resolving.\0"
+/* 1246 */ "LOCAL_DNS\0"
+/* 1256 */ "no-local-dns\0"
+/* 1269 */ "no\0"
+/* 1272 */ "Use DER format for input certificates and private keys.\0"
+/* 1328 */ "INDER\0"
+/* 1334 */ "no-inder\0"
+/* 1343 */ "This is an alias for 'inder'\0"
+/* 1372 */ "inraw\0"
+/* 1378 */ "Print the DANE RR data on a certificate or public key\0"
+/* 1432 */ "TLSA_RR\0"
+/* 1440 */ "tlsa-rr\0"
+/* 1448 */ "Specify the hostname to be used in the DANE RR\0"
+/* 1495 */ "HOST\0"
+/* 1500 */ "host\0"
+/* 1505 */ "The protocol set for DANE data (tcp, udp etc.)\0"
+/* 1552 */ "PROTO\0"
+/* 1558 */ "proto\0"
+/* 1564 */ "Specify the port number for the DANE data.\0"
+/* 1607 */ "PORT\0"
+/* 1612 */ "port\0"
+/* 1617 */ "Whether the provided certificate or public key is a Certificate\n"
"Authority.\0"
-/* 1683 */ "CA\0"
-/* 1686 */ "ca\0"
-/* 1689 */ "Use the hash of the X.509 certificate, rather than the public
key.\0"
-/* 1756 */ "X509\0"
-/* 1761 */ "x509\0"
-/* 1766 */ "The provided certificate or public key is a local entity.\0"
-/* 1824 */ "LOCAL\0"
-/* 1830 */ "local\0"
-/* 1836 */ "Display extended usage information and exit\0"
-/* 1880 */ "help\0"
-/* 1885 */ "Extended usage information passed thru pager\0"
-/* 1930 */ "more-help\0"
-/* 1940 */ "Output version information and exit\0"
-/* 1976 */ "version\0"
-/* 1984 */ "DANETOOL\0"
-/* 1993 */ "danetool - GnuTLS DANE tool - Ver. @address@hidden"
+/* 1692 */ "CA\0"
+/* 1695 */ "ca\0"
+/* 1698 */ "Use the hash of the X.509 certificate, rather than the public
key.\0"
+/* 1765 */ "X509\0"
+/* 1770 */ "x509\0"
+/* 1775 */ "The provided certificate or public key is a local entity.\0"
+/* 1833 */ "LOCAL\0"
+/* 1839 */ "local\0"
+/* 1845 */ "Display extended usage information and exit\0"
+/* 1889 */ "help\0"
+/* 1894 */ "Extended usage information passed thru pager\0"
+/* 1939 */ "more-help\0"
+/* 1949 */ "Output version information and exit\0"
+/* 1985 */ "version\0"
+/* 1993 */ "DANETOOL\0"
+/* 2002 */ "danetool - GnuTLS DANE tool - Ver. @address@hidden"
"USAGE: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n\0"
-/* 2096 */ "address@hidden"
-/* 2115 */ "\n\n\0"
-/* 2118 */ "\n"
+/* 2105 */ "address@hidden"
+/* 2124 */ "\n\n\0"
+/* 2127 */ "\n"
"Tool to generate DNS resource records for the DANE protocol.\n\0"
-/* 2181 */ "danetool @address@hidden"
-/* 2200 */ "danetool [options]\n"
+/* 2190 */ "danetool @address@hidden"
+/* 2209 */ "danetool [options]\n"
"danetool --help for usage instructions.\n";
/*
@@ -222,46 +222,46 @@ static char const danetool_opt_strs[2260] =
* check option description:
*/
#define CHECK_DESC (danetool_opt_strs+1155)
-#define CHECK_NAME (danetool_opt_strs+1178)
-#define CHECK_name (danetool_opt_strs+1184)
+#define CHECK_NAME (danetool_opt_strs+1187)
+#define CHECK_name (danetool_opt_strs+1193)
#define CHECK_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* local-dns option description:
*/
-#define LOCAL_DNS_DESC (danetool_opt_strs+1190)
-#define LOCAL_DNS_NAME (danetool_opt_strs+1237)
-#define NOT_LOCAL_DNS_name (danetool_opt_strs+1247)
-#define NOT_LOCAL_DNS_PFX (danetool_opt_strs+1260)
+#define LOCAL_DNS_DESC (danetool_opt_strs+1199)
+#define LOCAL_DNS_NAME (danetool_opt_strs+1246)
+#define NOT_LOCAL_DNS_name (danetool_opt_strs+1256)
+#define NOT_LOCAL_DNS_PFX (danetool_opt_strs+1269)
#define LOCAL_DNS_name (NOT_LOCAL_DNS_name + 3)
#define LOCAL_DNS_FLAGS (OPTST_DISABLED)
/*
* inder option description:
*/
-#define INDER_DESC (danetool_opt_strs+1263)
-#define INDER_NAME (danetool_opt_strs+1319)
-#define NOT_INDER_name (danetool_opt_strs+1325)
-#define NOT_INDER_PFX (danetool_opt_strs+1260)
+#define INDER_DESC (danetool_opt_strs+1272)
+#define INDER_NAME (danetool_opt_strs+1328)
+#define NOT_INDER_name (danetool_opt_strs+1334)
+#define NOT_INDER_PFX (danetool_opt_strs+1269)
#define INDER_name (NOT_INDER_name + 3)
#define INDER_FLAGS (OPTST_DISABLED)
/*
* inraw option description:
*/
-#define INRAW_DESC (danetool_opt_strs+1334)
+#define INRAW_DESC (danetool_opt_strs+1343)
#define INRAW_NAME NULL
-#define INRAW_name (danetool_opt_strs+1363)
+#define INRAW_name (danetool_opt_strs+1372)
#define INRAW_FLAGS (INDER_FLAGS | OPTST_ALIAS)
/*
* tlsa-rr option description with
* "Must also have options" and "Incompatible options":
*/
-#define TLSA_RR_DESC (danetool_opt_strs+1369)
-#define TLSA_RR_NAME (danetool_opt_strs+1423)
-#define TLSA_RR_name (danetool_opt_strs+1431)
+#define TLSA_RR_DESC (danetool_opt_strs+1378)
+#define TLSA_RR_NAME (danetool_opt_strs+1432)
+#define TLSA_RR_name (danetool_opt_strs+1440)
static int const aTlsa_RrMustList[] = {
INDEX_OPT_HOST, NO_EQUIVALENT };
#define TLSA_RR_FLAGS (OPTST_DISABLED)
@@ -269,62 +269,62 @@ static int const aTlsa_RrMustList[] = {
/*
* host option description:
*/
-#define HOST_DESC (danetool_opt_strs+1439)
-#define HOST_NAME (danetool_opt_strs+1486)
-#define HOST_name (danetool_opt_strs+1491)
+#define HOST_DESC (danetool_opt_strs+1448)
+#define HOST_NAME (danetool_opt_strs+1495)
+#define HOST_name (danetool_opt_strs+1500)
#define HOST_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* proto option description:
*/
-#define PROTO_DESC (danetool_opt_strs+1496)
-#define PROTO_NAME (danetool_opt_strs+1543)
-#define PROTO_name (danetool_opt_strs+1549)
+#define PROTO_DESC (danetool_opt_strs+1505)
+#define PROTO_NAME (danetool_opt_strs+1552)
+#define PROTO_name (danetool_opt_strs+1558)
#define PROTO_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* port option description:
*/
-#define PORT_DESC (danetool_opt_strs+1555)
-#define PORT_NAME (danetool_opt_strs+1598)
-#define PORT_name (danetool_opt_strs+1603)
+#define PORT_DESC (danetool_opt_strs+1564)
+#define PORT_NAME (danetool_opt_strs+1607)
+#define PORT_name (danetool_opt_strs+1612)
#define PORT_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
/*
* ca option description:
*/
-#define CA_DESC (danetool_opt_strs+1608)
-#define CA_NAME (danetool_opt_strs+1683)
-#define CA_name (danetool_opt_strs+1686)
+#define CA_DESC (danetool_opt_strs+1617)
+#define CA_NAME (danetool_opt_strs+1692)
+#define CA_name (danetool_opt_strs+1695)
#define CA_FLAGS (OPTST_DISABLED)
/*
* x509 option description:
*/
-#define X509_DESC (danetool_opt_strs+1689)
-#define X509_NAME (danetool_opt_strs+1756)
-#define X509_name (danetool_opt_strs+1761)
+#define X509_DESC (danetool_opt_strs+1698)
+#define X509_NAME (danetool_opt_strs+1765)
+#define X509_name (danetool_opt_strs+1770)
#define X509_FLAGS (OPTST_DISABLED)
/*
* local option description:
*/
-#define LOCAL_DESC (danetool_opt_strs+1766)
-#define LOCAL_NAME (danetool_opt_strs+1824)
-#define LOCAL_name (danetool_opt_strs+1830)
+#define LOCAL_DESC (danetool_opt_strs+1775)
+#define LOCAL_NAME (danetool_opt_strs+1833)
+#define LOCAL_name (danetool_opt_strs+1839)
#define LOCAL_FLAGS (OPTST_DISABLED)
/*
* Help/More_Help/Version option descriptions:
*/
-#define HELP_DESC (danetool_opt_strs+1836)
-#define HELP_name (danetool_opt_strs+1880)
+#define HELP_DESC (danetool_opt_strs+1845)
+#define HELP_name (danetool_opt_strs+1889)
#ifdef HAVE_WORKING_FORK
-#define MORE_HELP_DESC (danetool_opt_strs+1885)
-#define MORE_HELP_name (danetool_opt_strs+1930)
+#define MORE_HELP_DESC (danetool_opt_strs+1894)
+#define MORE_HELP_name (danetool_opt_strs+1939)
#define MORE_HELP_FLAGS (OPTST_IMM | OPTST_NO_INIT)
#else
#define MORE_HELP_DESC NULL
@@ -337,8 +337,8 @@ static int const aTlsa_RrMustList[] = {
# define VER_FLAGS (OPTST_SET_ARGTYPE(OPARG_TYPE_STRING) | \
OPTST_ARG_OPTIONAL | OPTST_IMM | OPTST_NO_INIT)
#endif
-#define VER_DESC (danetool_opt_strs+1940)
-#define VER_name (danetool_opt_strs+1976)
+#define VER_DESC (danetool_opt_strs+1949)
+#define VER_name (danetool_opt_strs+1985)
/*
* Declare option callback procedures
*/
@@ -618,14 +618,14 @@ static tOptDesc optDesc[OPTION_CT] = {
*
* Define the danetool Option Environment
*/
-#define zPROGNAME (danetool_opt_strs+1984)
-#define zUsageTitle (danetool_opt_strs+1993)
+#define zPROGNAME (danetool_opt_strs+1993)
+#define zUsageTitle (danetool_opt_strs+2002)
#define zRcName NULL
#define apzHomeList NULL
-#define zBugsAddr (danetool_opt_strs+2096)
-#define zExplain (danetool_opt_strs+2115)
-#define zDetail (danetool_opt_strs+2118)
-#define zFullVersion (danetool_opt_strs+2181)
+#define zBugsAddr (danetool_opt_strs+2105)
+#define zExplain (danetool_opt_strs+2124)
+#define zDetail (danetool_opt_strs+2127)
+#define zFullVersion (danetool_opt_strs+2190)
/* extracted from optcode.tlib near line 350 */
#if defined(ENABLE_NLS)
@@ -639,7 +639,7 @@ static tOptDesc optDesc[OPTION_CT] = {
#define danetool_full_usage (NULL)
-#define danetool_short_usage (danetool_opt_strs+2200)
+#define danetool_short_usage (danetool_opt_strs+2209)
#endif /* not defined __doxygen__ */
diff --git a/src/danetool-args.def b/src/danetool-args.def
index e01dfdd..e5ba03c 100644
--- a/src/danetool-args.def
+++ b/src/danetool-args.def
@@ -35,7 +35,7 @@ flag = {
flag = {
name = check;
arg-type = string;
- descrip = "Check DANE TLSA entry.";
+ descrip = "Check a host's DANE TLSA entry.";
doc = "Obtains the DANE TLSA entry from the given hostname and prints
information.";
};
diff --git a/src/danetool-args.h b/src/danetool-args.h
index 0cb2354..a233656 100644
--- a/src/danetool-args.h
+++ b/src/danetool-args.h
@@ -2,7 +2,7 @@
*
* DO NOT EDIT THIS FILE (danetool-args.h)
*
- * It has been AutoGen-ed November 8, 2012 at 11:35:55 PM by AutoGen 5.16
+ * It has been AutoGen-ed November 21, 2012 at 10:22:22 PM by AutoGen 5.16
* From the definitions danetool-args.def
* and the template file options
*
diff --git a/src/danetool.c b/src/danetool.c
index cd8211e..d2361e5 100644
--- a/src/danetool.c
+++ b/src/danetool.c
@@ -27,7 +27,10 @@
#include <gnutls/pkcs11.h>
#include <gnutls/abstract.h>
#include <gnutls/crypto.h>
-#include <gnutls/dane.h>
+
+#ifdef HAVE_DANE
+# include <gnutls/dane.h>
+#endif
#include <stdio.h>
#include <stdlib.h>
@@ -181,6 +184,7 @@ cmd_parser (int argc, char **argv)
static void dane_check(const char* host, const char* proto, unsigned int port,
common_info_st * cinfo)
{
+#ifdef HAVE_DANE
dane_state_t s;
dane_query_t q;
int ret;
@@ -236,7 +240,7 @@ size_t size;
ret = gnutls_x509_crt_list_import2( &clist, &clist_size, &file,
cinfo->incert_format, 0);
if (ret < 0)
error (EXIT_FAILURE, 0, "gnutls_x509_crt_list_import2: %s",
gnutls_strerror (ret));
-
+
if (clist_size > 0)
{
gnutls_datum_t certs[clist_size];
@@ -249,7 +253,7 @@ size_t size;
if (ret < 0)
error (EXIT_FAILURE, 0, "gnutls_x509_crt_export2: %s",
gnutls_strerror (ret));
}
-
+
ret = dane_verify_crt( s, certs, clist_size, GNUTLS_CRT_X509,
host, proto, port, 0, 0, &status);
if (ret < 0)
@@ -275,7 +279,10 @@ size_t size;
dane_query_deinit(q);
dane_state_deinit(s);
-
+#else
+ fprintf(stderr, "This functionality was disabled (GnuTLS was not compiled
with support for DANE).\n");
+ return;
+#endif
}
static void dane_info(const char* host, const char* proto, unsigned int port,
diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am
index faa998f..f63beb6 100644
--- a/tests/cert-tests/Makefile.am
+++ b/tests/cert-tests/Makefile.am
@@ -22,7 +22,7 @@
EXTRA_DIST = ca-no-pathlen.pem no-ca-or-pathlen.pem aki-cert.pem \
template-test.key template-test.pem template-test.tmpl \
funny-spacing.pem ca-certs.pem dane-test.rr cert-ecc256.pem \
- bmpstring.pem
+ bmpstring.pem template-utf8.pem template-utf8.tmpl
dist_check_SCRIPTS = pathlen aki template-test pem-decoding dane
diff --git a/tests/cert-tests/template-test b/tests/cert-tests/template-test
index 75f6fab..f1d87ca 100755
--- a/tests/cert-tests/template-test
+++ b/tests/cert-tests/template-test
@@ -43,11 +43,29 @@ datefudge "2007-04-22" \
diff $srcdir/template-test.pem tmp-tt.pem
rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Test 1 failed"
+ exit $rc
+fi
+
rm -f tmp-tt.pem
+datefudge "2007-04-22" \
+ $CERTTOOL --generate-self-signed \
+ --load-privkey $srcdir/template-test.key \
+ --template $srcdir/template-utf8.tmpl \
+ --outfile tmp-tt.pem 2>/dev/null
+
+diff $srcdir/template-utf8.pem tmp-tt.pem
+rc=$?
+
# We're done.
if test "$rc" != "0"; then
+ echo "Test 2 (UTF8) failed"
exit $rc
fi
+rm -f tmp-tt.pem
+
exit 0
diff --git a/tests/cert-tests/template-utf8.pem
b/tests/cert-tests/template-utf8.pem
new file mode 100644
index 0000000..4f6615c
--- /dev/null
+++ b/tests/cert-tests/template-utf8.pem
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIC/TCCAmagAwIBAgIBCTANBgkqhkiG9w0BAQsFADBZMQswCQYDVQQGEwJHUjEk
+MCIGA1UECgwbzpzOtc6zzqzOu863IM61z4TOsc65z4HOr86xMRUwEwYDVQQIDAzO
+kc+Ez4TOuc66zq4xDTALBgNVBAMMBPCfkKgwIhgPMjAwNzA0MjEyMjAwMDBaGA8y
+MDA4MDQyMDIyMDAwMFowWTELMAkGA1UEBhMCR1IxJDAiBgNVBAoMG86czrXOs86s
+zrvOtyDOtc+EzrHOuc+Bzq/OsTEVMBMGA1UECAwMzpHPhM+EzrnOus6uMQ0wCwYD
+VQQDDATwn5CoMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClxs51Q4S/ZJ4C
+JxPxA1n3eS2S7XwvUKQD8S15uYaLBX46u0Sqr4TPE5geHEo49zMtep9y1GttJrAx
+N3AQ+0Lp2J0YZX4ZSfwFlgRogx53hr/t9eUSOxP+MxicGnodaa9HAmB6H7noz9vI
+NDBRlj2MllwAvGHeCA+xNiF/qQDjBQIDAQABo4HQMIHNMAwGA1UdEwEB/wQCMAAw
+gZ0GA1UdIASBlTCBkjCBjwYMKwYBBAGqbAEKYwEAMH8wSAYIKwYBBQUHAgIwPAw6
+zpzOuc6xIM+Azr/Ou865z4TOuc66zq4gz4DOv8+FIM64zq3Ou861zrkgzrTOuc6s
+zrLOsc+DzrzOsTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5leGFtcGxlLmNvbS9h
+LXBvbGljeS10by1yZWFkMB0GA1UdDgQWBBRdQK3wzpRAlYt+mZQdklQiynI2XzAN
+BgkqhkiG9w0BAQsFAAOBgQBo2g5++u6FKa1MSLEaXl2c6KOxrj0XFkpkWEnajEdn
+H2ApFr/EHZsGWET92s+AAkgJmfmzUB8+uEbSPTNXZnmx8HL5ZrVFwVJ8ZwJDBipQ
+1vgdwpPlxpJp0rIr76xXXmzXsdnCmuvBfiE0KT1/X/Ntm+HkolB7WUVxsIkp3hIS
+1w==
+-----END CERTIFICATE-----
diff --git a/tests/cert-tests/template-utf8.tmpl
b/tests/cert-tests/template-utf8.tmpl
new file mode 100644
index 0000000..1d6c457
--- /dev/null
+++ b/tests/cert-tests/template-utf8.tmpl
@@ -0,0 +1,27 @@
+# X.509 Certificate options
+#
+# DN options
+
+# The organization of the subject.
+organization = "Îεγάλη εÏαιÏία"
+
+# The name (Koala)
+cn = "ð¨"
+
+# The locality of the subject.
+# locality =
+
+# The state of the certificate owner.
+state = "ÎÏÏική"
+
+# The country of the subject. Two letter code.
+country = GR
+
+# The serial number of the certificate
+serial = 009
+
+# Certificate policies
+policy1 = 1.3.6.1.4.1.5484.1.10.99.1.0
+policy1_txt = "Îια ÏολιÏική ÏοÏ
θÎλει διάβαÏμα"
+policy1_url = http://www.example.com/a-policy-to-read
+
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-56-ga7a64ea,
Nikos Mavrogiannopoulos <=