diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-06-10 19:04:55 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-06-10 19:08:47 +0200 |
commit | 53fa58d3661a61607a9f973fd1ea16d22a987d19 (patch) | |
tree | d93181fa9d2e252f96a6b5718eb033fbf926025d | |
parent | 27e04f358231cbb04c36da335cd5272a9987c779 (diff) | |
download | gnutls-53fa58d3661a61607a9f973fd1ea16d22a987d19.tar.gz |
Added gnutls_certificate_set_trust_list().
-rw-r--r-- | NEWS | 2 | ||||
-rw-r--r-- | lib/gnutls_x509.c | 37 | ||||
-rw-r--r-- | lib/includes/gnutls/x509.h | 4 | ||||
-rw-r--r-- | lib/libgnutls.map | 1 |
4 files changed, 39 insertions, 5 deletions
@@ -8,7 +8,7 @@ See the end for copying conditions. subsystems. ** API and ABI modifications: -No changes since last version. +gnutls_certificate_set_trust_list: Added * Version 3.2.1 (released 2013-06-01) diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c index d67ad5bf23..f0568de79e 100644 --- a/lib/gnutls_x509.c +++ b/lib/gnutls_x509.c @@ -42,6 +42,7 @@ #include "x509/common.h" #include "x509/x509_int.h" #include <gnutls_str_array.h> +#include <gnutls/x509.h> #include "read-file.h" #ifdef _WIN32 # include <wincrypt.h> @@ -1270,10 +1271,11 @@ cleanup: * called more than once, in case multiple keys/certificates exist for * the server. For clients that wants to send more than its own end * entity certificate (e.g., also an intermediate CA cert) then put - * the certificate chain in @pcert_list. The @pcert_list and @key will - * become part of the credentials structure and must not - * be deallocated. They will be automatically deallocated when @res - * is deinitialized. + * the certificate chain in @pcert_list. + * + * Note that the @pcert_list and @key will become part of the credentials + * structure and must not be deallocated. They will be automatically deallocated + * when the @res structure is deinitialized. * * Returns: %GNUTLS_E_SUCCESS (0) on success, or a negative error code. * @@ -1338,6 +1340,33 @@ cleanup: } /** + * gnutls_certificate_set_trust_list: + * @res: is a #gnutls_certificate_credentials_t structure. + * @tlist: is a #gnutls_x509_trust_list_t structure + * @flags: must be zero + * + * This function sets a trust list in the gnutls_certificate_credentials_t structure. + * + * Note that the @tlist will become part of the credentials + * structure and must not be deallocated. It will be automatically deallocated + * when the @res structure is deinitialized. + * + * Returns: %GNUTLS_E_SUCCESS (0) on success, or a negative error code. + * + * Since: 3.2.2 + **/ +void +gnutls_certificate_set_trust_list (gnutls_certificate_credentials_t res, + gnutls_x509_trust_list_t tlist, + unsigned flags) +{ + gnutls_x509_trust_list_deinit(res->tlist, 1); + + res->tlist = tlist; +} + + +/** * gnutls_certificate_set_x509_key_file: * @res: is a #gnutls_certificate_credentials_t structure. * @certfile: is a file that containing the certificate list (path) for diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h index 53e020bb59..3e2bf2b570 100644 --- a/lib/includes/gnutls/x509.h +++ b/lib/includes/gnutls/x509.h @@ -1110,6 +1110,10 @@ gnutls_x509_trust_list_remove_trust_mem(gnutls_x509_trust_list_t list, int gnutls_x509_trust_list_add_system_trust(gnutls_x509_trust_list_t list, unsigned int tl_flags, unsigned int tl_vflags); + +void gnutls_certificate_set_trust_list (gnutls_certificate_credentials_t res, + gnutls_x509_trust_list_t tlist, unsigned flags); + #ifdef __cplusplus } #endif diff --git a/lib/libgnutls.map b/lib/libgnutls.map index e14ab6d1dc..f7a41db334 100644 --- a/lib/libgnutls.map +++ b/lib/libgnutls.map @@ -911,6 +911,7 @@ GNUTLS_3_1_0 { gnutls_alpn_get_selected_protocol; gnutls_alpn_set_protocols; gnutls_session_set_id; + gnutls_certificate_set_trust_list; } GNUTLS_3_0_0; GNUTLS_PRIVATE { |