diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-09-30 16:22:33 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-09-30 16:31:19 +0200 |
| commit | 946ea95e6f3ac2a9dad38d8f64eeee2956279a47 (patch) | |
| tree | e8b994e9d57e429712c23e6fc4a414a0a455951e /src/cli.c | |
| parent | 0540e077a7cfaf961bb620b65f85ba13ae7b62e0 (diff) | |
| download | gnutls-946ea95e6f3ac2a9dad38d8f64eeee2956279a47.tar.gz | |
The OCSP response file is now set on the credentials and other additions.
Changed OCSP function prototypes for almost all status_request functions
to move the response file and callback to the certificate credentials structure.
Added gnutls_ocsp_resp_check_crt() to check whether a response corresponds
to a given certificate.
Diffstat (limited to 'src/cli.c')
| -rw-r--r-- | src/cli.c | 12 |
1 files changed, 6 insertions, 6 deletions
@@ -632,7 +632,7 @@ init_tls_session (const char *hostname) /* OCSP status-request TLS extension */ if (status_request_ocsp > 0 && disable_extensions == 0) { - if (gnutls_status_request_ocsp_client (session, NULL, 0, NULL) < 0) + if (gnutls_ocsp_status_request_enable_client (session, NULL, 0, NULL) < 0) { fprintf (stderr, "Cannot set OCSP status request information.\n"); exit (1); @@ -1103,7 +1103,7 @@ const char* rest = NULL; } record_max_size = OPT_VALUE_RECORDSIZE; - status_request_ocsp = HAVE_OPT(STATUS_REQUEST_OCSP); + status_request_ocsp = HAVE_OPT(OCSP_STATUS_REQUEST); if (ENABLED_OPT(OCSP)) status_request_ocsp = 1; @@ -1488,18 +1488,18 @@ cert_verify_ocsp (gnutls_session_t session) if (status_request_ocsp) { /* try the server's OCSP response */ - ret = gnutls_status_request_get_ocsp(session, &resp); + ret = gnutls_ocsp_status_request_get(session, &resp); if (ret < 0 && !ENABLED_OPT(OCSP)) { if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) - fprintf(stderr, "gnutls_status_request_get_ocsp: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_ocsp_status_request_get: %s\n", gnutls_strerror(ret)); ret = -1; goto cleanup; } if (ret >= 0) { - ret = check_ocsp_response(issuer, &resp); + ret = check_ocsp_response(crt, issuer, &resp); if (ret >= 0 || !ENABLED_OPT(OCSP)) goto cleanup; } @@ -1515,7 +1515,7 @@ cert_verify_ocsp (gnutls_session_t session) } /* verify and check the response for revoked cert */ - ret = check_ocsp_response(issuer, &resp); + ret = check_ocsp_response(crt, issuer, &resp); cleanup: if (deinit_issuer) |