gnutls_certificate_set_ocsp_status_request_file: match input response to certificates

That is, iterate through the certificate chain to figure to which certificate the response corresponds to, and assign it to it. That allows for applications to re-use this function to set multiple responses when available. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-12-07 16:16:55 +0100
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2018-02-19 15:29:37 +0100
commit: 1e919486f4f191e372f451f6518f7b93dd19bf22 (patch)
tree: b66e38317dfcf41d241f5159c711753881fc5a10 /lib/errors.c
parent: 92536334518011245095c352ec368da96dc421f7 (diff)
download: gnutls-1e919486f4f191e372f451f6518f7b93dd19bf22.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/errors.c b/lib/errors.c
index 77cba34fc7..16ade63749 100644
--- a/lib/errors.c
+++ b/lib/errors.c
@@ -375,6 +375,8 @@ static const gnutls_error_entry error_entries[] = {
 		    GNUTLS_E_CERTIFICATE_LIST_UNSORTED),
 	ERROR_ENTRY(N_("The OCSP response is invalid"),
 		    GNUTLS_E_OCSP_RESPONSE_ERROR),
+	ERROR_ENTRY(N_("The OCSP response provided doesn't match the available certificates"),
+		    GNUTLS_E_OCSP_MISMATCH_WITH_CERTS),
 	ERROR_ENTRY(N_("There is no certificate status (OCSP)."),
 		    GNUTLS_E_NO_CERTIFICATE_STATUS),
 	ERROR_ENTRY(N_("Error in the system's randomness device."),
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-12-07 16:16:55 +0100
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2018-02-19 15:29:37 +0100
commit	1e919486f4f191e372f451f6518f7b93dd19bf22 (patch)
tree	b66e38317dfcf41d241f5159c711753881fc5a10 /lib/errors.c
parent	92536334518011245095c352ec368da96dc421f7 (diff)
download	gnutls-1e919486f4f191e372f451f6518f7b93dd19bf22.tar.gz