diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-06-16 11:29:04 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-06-16 11:29:04 +0200 |
| commit | 472ed0f4a8bbea3b3581e85d1ca1a8394df91bf6 (patch) | |
| tree | b07932d0951b79a9b70126d29b67445db7a30275 | |
| parent | 09702ea3e2fe5189badb371026b90a772308d4ca (diff) | |
| download | gnutls-472ed0f4a8bbea3b3581e85d1ca1a8394df91bf6.tar.gz | |
gnutls_x509_trust_list_add_trust_file(): returns the number of certificates present when loading a PKCS #11 URL.
| -rw-r--r-- | lib/x509/verify-high2.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/x509/verify-high2.c b/lib/x509/verify-high2.c index 202ed839ca..ab55ab7587 100644 --- a/lib/x509/verify-high2.c +++ b/lib/x509/verify-high2.c @@ -244,9 +244,17 @@ gnutls_x509_trust_list_add_trust_file(gnutls_x509_trust_list_t list, if (ca_file != NULL) { #ifdef ENABLE_PKCS11 if (strncmp(ca_file, "pkcs11:", 7) == 0) { + unsigned pcrt_list_size = 0; + list->pkcs11_token = gnutls_strdup(ca_file); - return 0; + /* enumerate the certificates */ + ret = gnutls_pkcs11_obj_list_import_url(NULL, &pcrt_list_size, + ca_file, GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA, 0); + if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER) + return gnutls_assert_val(ret); + + return pcrt_list_size; } else #endif { |