diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-03-08 18:53:10 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-03-08 18:53:38 +0100 |
| commit | 7ca8d0be82fb8b0e280178449ed0f8edd2d8346a (patch) | |
| tree | 8fcad806903a99c9a18df703f04e5bf4be91036b /lib | |
| parent | 0ec72ce0a57c563a0edc810ad882c9befe4597c3 (diff) | |
| download | gnutls-7ca8d0be82fb8b0e280178449ed0f8edd2d8346a.tar.gz | |
Return proper also when loading a private key.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/gnutls_ui.c | 26 | ||||
| -rw-r--r-- | lib/gnutls_x509.c | 45 | ||||
| -rw-r--r-- | lib/gnutls_x509.h | 3 |
3 files changed, 43 insertions, 31 deletions
diff --git a/lib/gnutls_ui.c b/lib/gnutls_ui.c index 5eae2c2f79..321b2f724e 100644 --- a/lib/gnutls_ui.c +++ b/lib/gnutls_ui.c @@ -810,32 +810,6 @@ size_t len; } /** - * gnutls_url_is_supported: - * @url: A PKCS 11 url - * - * Check whether url is supported. Depending on the system libraries - * GnuTLS may support pkcs11 or tpmkey URLs. - * - * Returns: return non-zero if the given URL is supported, and zero if - * it is not known. - * - * Since: 3.1.0 - **/ -int -gnutls_url_is_supported (const char* url) -{ -#ifdef ENABLE_PKCS11 - if (strstr(url, "pkcs11:") != NULL) - return 1; -#endif -#ifdef HAVE_TROUSERS - if (strstr(url, "tpmkey:") != NULL) - return 1; -#endif - return 0; -} - -/** * gnutls_ocsp_status_request_is_checked: * @session: is a gnutls session * @flags: should be zero diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c index 8a7cbbb6d6..9dbee218c7 100644 --- a/lib/gnutls_x509.c +++ b/lib/gnutls_x509.c @@ -919,9 +919,10 @@ read_key_file (gnutls_certificate_credentials_t res, char *data; if (gnutls_url_is_supported(keyfile)) - { - return read_key_url (res, keyfile); - } + return read_key_url (res, keyfile); + + if (_gnutls_url_is_known(keyfile)) + return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE); data = read_binary_file (keyfile, &size); @@ -2150,3 +2151,41 @@ void gnutls_certificate_set_pin_function (gnutls_certificate_credentials_t cred, cred->pin.cb = fn; cred->pin.data = userdata; } + +/** + * gnutls_url_is_supported: + * @url: A PKCS 11 url + * + * Check whether url is supported. Depending on the system libraries + * GnuTLS may support pkcs11 or tpmkey URLs. + * + * Returns: return non-zero if the given URL is supported, and zero if + * it is not known. + * + * Since: 3.1.0 + **/ +int +gnutls_url_is_supported (const char* url) +{ +#ifdef ENABLE_PKCS11 + if (strstr(url, "pkcs11:") != NULL) + return 1; +#endif +#ifdef HAVE_TROUSERS + if (strstr(url, "tpmkey:") != NULL) + return 1; +#endif + return 0; +} + +int +_gnutls_url_is_known (const char* url) +{ + if (strstr(url, "pkcs11:") != NULL) + return 1; + else if (strstr(url, "tpmkey:") != NULL) + return 1; + else + return 0; +} + diff --git a/lib/gnutls_x509.h b/lib/gnutls_x509.h index 8e12f3d802..b7c33debfd 100644 --- a/lib/gnutls_x509.h +++ b/lib/gnutls_x509.h @@ -32,8 +32,7 @@ int _gnutls_x509_cert_verify_peers (gnutls_session_t session, #define PEM_CRL_SEP "-----BEGIN X509 CRL" -#define PEM_KEY_RSA_SEP "-----BEGIN RSA" -#define PEM_KEY_DSA_SEP "-----BEGIN DSA" +int _gnutls_url_is_known (const char* url); int _gnutls_check_key_usage (const gnutls_pcert_st* cert, gnutls_kx_algorithm_t alg); |