diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-01-30 20:59:08 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-01-30 20:59:08 +0100 |
| commit | 26ec6f40ae4856e20e2b28119ed4afd73b320af0 (patch) | |
| tree | 65ab6f8fc26e985b7bbcc34e46f52c83ba4a9a25 /src | |
| parent | 8a52dc869a949065db689c0809f9dcc70507c4b9 (diff) | |
| download | gnutls-26ec6f40ae4856e20e2b28119ed4afd73b320af0.tar.gz | |
added print_cert_info_compact().
Diffstat (limited to 'src')
| -rw-r--r-- | src/cli.c | 4 | ||||
| -rw-r--r-- | src/common.c | 47 | ||||
| -rw-r--r-- | src/common.h | 2 |
3 files changed, 36 insertions, 17 deletions
@@ -492,7 +492,7 @@ cert_verify_callback (gnutls_session_t session) cert, 0); if (rc == GNUTLS_E_NO_CERTIFICATE_FOUND) { - print_cert_info(session, GNUTLS_CRT_PRINT_COMPACT, 0); + print_cert_info_compact(session); fprintf(stderr, "Host %s has never been contacted before and is not in the trusted list.\n", hostname); if (status == 0) fprintf(stderr, "Its certificate is valid for %s.\n", hostname); @@ -503,7 +503,7 @@ cert_verify_callback (gnutls_session_t session) } else if (rc == GNUTLS_E_CERTIFICATE_KEY_MISMATCH) { - print_cert_info(session, GNUTLS_CRT_PRINT_COMPACT, 0); + print_cert_info_compact(session); fprintf(stderr, "Warning: host %s is known and it is associated with a different key.\n", hostname); fprintf(stderr, "It might be that the server has multiple keys, or an attacker replaced the key to eavesdrop this connection .\n"); if (status == 0) diff --git a/src/common.c b/src/common.c index c98ad04bf2..f35f16f9f7 100644 --- a/src/common.c +++ b/src/common.c @@ -67,7 +67,7 @@ raw_to_string (const unsigned char *raw, size_t raw_size) } static void -print_x509_info_compact (gnutls_session_t session, int flag) +print_x509_info_compact (gnutls_session_t session) { gnutls_x509_crt_t crt; const gnutls_datum_t *cert_list; @@ -94,7 +94,7 @@ print_x509_info_compact (gnutls_session_t session, int flag) } ret = - gnutls_x509_crt_print (crt, flag, &cinfo); + gnutls_x509_crt_print (crt, GNUTLS_CRT_PRINT_COMPACT, &cinfo); if (ret == 0) { printf ("- X.509 cert: %s\n", cinfo.data); @@ -112,9 +112,6 @@ print_x509_info (gnutls_session_t session, int flag, int print_cert) unsigned int cert_list_size = 0, j; int ret; - if (flag == GNUTLS_CRT_PRINT_COMPACT && print_cert == 0) - return print_x509_info_compact(session, flag); - cert_list = gnutls_certificate_get_peers (session, &cert_list_size); if (cert_list_size == 0) { @@ -122,8 +119,8 @@ print_x509_info (gnutls_session_t session, int flag, int print_cert) return; } - printf (" - Certificate type: X.509\n"); - printf (" - Got a certificate list of %d certificates.\n", + printf ("- Certificate type: X.509\n"); + printf ("- Got a certificate list of %d certificates.\n", cert_list_size); for (j = 0; j < cert_list_size; j++) @@ -141,7 +138,7 @@ print_x509_info (gnutls_session_t session, int flag, int print_cert) return; } - printf (" - Certificate[%d] info:\n - ", j); + printf ("- Certificate[%d] info:\n - ", j); ret = gnutls_x509_crt_print (crt, flag, &cinfo); @@ -292,7 +289,7 @@ verify_openpgp_hostname (gnutls_session_t session, const char *hostname) } static void -print_openpgp_info_compact (gnutls_session_t session, int flag) +print_openpgp_info_compact (gnutls_session_t session) { gnutls_openpgp_crt_t crt; @@ -317,7 +314,7 @@ print_openpgp_info_compact (gnutls_session_t session, int flag) } ret = - gnutls_openpgp_crt_print (crt, flag, &cinfo); + gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_COMPACT, &cinfo); if (ret == 0) { printf ("- OpenPGP cert: %s\n", cinfo.data); @@ -337,10 +334,7 @@ print_openpgp_info (gnutls_session_t session, int flag, int print_cert) unsigned int cert_list_size = 0; int ret; - if (flag == GNUTLS_CRT_PRINT_COMPACT && print_cert == 0) - print_openpgp_info_compact(session, flag); - - printf (" - Certificate type: OpenPGP\n"); + printf ("- Certificate type: OpenPGP\n"); cert_list = gnutls_certificate_get_peers (session, &cert_list_size); @@ -362,7 +356,7 @@ print_openpgp_info (gnutls_session_t session, int flag, int print_cert) gnutls_openpgp_crt_print (crt, flag, &cinfo); if (ret == 0) { - printf (" - %s\n", cinfo.data); + printf ("- %s\n", cinfo.data); gnutls_free (cinfo.data); } @@ -738,6 +732,29 @@ print_cert_info (gnutls_session_t session, int flag, int print_cert) } void +print_cert_info_compact (gnutls_session_t session) +{ + + if (gnutls_certificate_client_get_request_status (session) != 0) + printf ("- Server has requested a certificate.\n"); + + switch (gnutls_certificate_type_get (session)) + { + case GNUTLS_CRT_X509: + print_x509_info_compact (session); + break; +#ifdef ENABLE_OPENPGP + case GNUTLS_CRT_OPENPGP: + print_openpgp_info_compact (session); + break; +#endif + default: + printf ("Unknown type\n"); + break; + } +} + +void print_list (const char *priorities, int verbose) { size_t i; diff --git a/src/common.h b/src/common.h index 1e6ca3735e..da42835556 100644 --- a/src/common.h +++ b/src/common.h @@ -51,6 +51,8 @@ extern const char str_unknown[]; int print_info (gnutls_session_t state, int print_cert); void print_cert_info (gnutls_session_t, int flag, int print_cert); +void print_cert_info_compact (gnutls_session_t session); + void print_list (const char* priorities, int verbose); int cert_verify (gnutls_session_t session, const char* hostname); |