summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@gnutls.org>2002-01-04 12:05:51 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2002-01-04 12:05:51 +0000
commitfaa84bc98ead2485c5ff7e57d9b7e208a8816364 (patch)
tree8413d914f1691ecc19d90e12ca9049f66fc95fcd /src
parent78fcf46acfef31b49960d2a7fee7c172a1116bf0 (diff)
downloadgnutls-faa84bc98ead2485c5ff7e57d9b7e208a8816364.tar.gz
updated documentation
Diffstat (limited to 'src')
-rw-r--r--src/common.h31
1 files changed, 26 insertions, 5 deletions
diff --git a/src/common.h b/src/common.h
index cc616c2494..9d2aee344f 100644
--- a/src/common.h
+++ b/src/common.h
@@ -12,13 +12,18 @@
static int print_info( GNUTLS_STATE state) {
const char *tmp;
-CredType cred;
+GNUTLS_CredType cred;
gnutls_DN dn;
const gnutls_datum* cert_list;
-CertificateStatus status;
+GNUTLS_CertificateStatus status;
int cert_list_size = 0;
+GNUTLS_KXAlgorithm kx;
- tmp = gnutls_kx_get_name(gnutls_kx_get_algo( state));
+
+ /* print the key exchange's algorithm name
+ */
+ kx = gnutls_kx_get_algo(state);
+ tmp = gnutls_kx_get_name( kx);
printf("- Key Exchange: %s\n", tmp);
cred = gnutls_auth_get_type(state);
@@ -28,6 +33,8 @@ int cert_list_size = 0;
gnutls_anon_client_get_dh_bits( state));
break;
case GNUTLS_X509PKI:
+ /* in case of X509 PKI
+ */
cert_list = gnutls_x509pki_client_get_peer_certificate_list( state, &cert_list_size);
status = gnutls_x509pki_client_get_peer_certificate_status( state);
@@ -48,7 +55,14 @@ int cert_list_size = 0;
printf("- Peer's X509 Certificate was invalid\n");
break;
}
-
+
+ /* Check if we have been using ephemeral Diffie Hellman.
+ */
+ if (kx == GNUTLS_KX_X509PKI_DHE_RSA || kx == GNUTLS_KX_X509PKI_DHE_DSS) {
+ printf("\n- Ephemeral DH using prime of %d bits\n",
+ gnutls_x509pki_server_get_dh_bits( state));
+ }
+
if (cert_list_size > 0) {
char digest[20];
char serial[40];
@@ -59,6 +73,8 @@ int cert_list_size = 0;
printf(" - Certificate info:\n");
+ /* Print the fingerprint of the certificate
+ */
if ( gnutls_fingerprint( GNUTLS_DIG_MD5, &cert_list[0], digest, &digest_size) >= 0) {
print = printable;
for (i=0;i<digest_size;i++) {
@@ -67,7 +83,9 @@ int cert_list_size = 0;
}
printf(" - Certificate fingerprint: %s\n", printable);
}
-
+
+ /* Print the serial number of the certificate.
+ */
if ( gnutls_x509pki_extract_certificate_serial( &cert_list[0], serial, &serial_size) >= 0) {
print = printable;
for (i=0;i<serial_size;i++) {
@@ -77,6 +95,9 @@ int cert_list_size = 0;
printf(" - Certificate serial number: %s\n", printable);
}
+ /* Print the version of the X.509
+ * certificate.
+ */
printf(" - Certificate version: #%d\n", gnutls_x509pki_extract_certificate_version( &cert_list[0]));
gnutls_x509pki_extract_certificate_dn( &cert_list[0], &dn);