Diffstat (limited to 'manual/html_node/Client-using-a-smart-card-with-TLS.html')
-rw-r--r-- | manual/html_node/Client-using-a-smart-card-with-TLS.html | 48 |
1 files changed, 24 insertions, 24 deletions
diff --git a/manual/html_node/Client-using-a-smart-card-with-TLS.html b/manual/html_node/Client-using-a-smart-card-with-TLS.html
index 02bf869891..66303ab757 100644
--- a/manual/html_node/Client-using-a-smart-card-with-TLS.html
+++ b/manual/html_node/Client-using-a-smart-card-with-TLS.html
@@ -1,7 +1,7 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <!-- This manual is last updated 4 March 2015 for version
-3.4.11 of GnuTLS.
+3.5.0 of GnuTLS.
 Copyright (C) 2001-2015 Free Software Foundation, Inc.\\
 Copyright (C) 2001-2015 Nikos Mavrogiannopoulos
@@ -12,12 +12,12 @@ any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". -->
-<!-- Created by GNU Texinfo 6.0, http://www.gnu.org/software/texinfo/ -->
+<!-- Created by GNU Texinfo 6.1, http://www.gnu.org/software/texinfo/ -->
 <head>
-<title>GnuTLS 3.4.11: Client using a smart card with TLS</title>
+<title>GnuTLS 3.5.0: Client using a smart card with TLS</title>
-<meta name="description" content="GnuTLS 3.4.11: Client using a smart card with TLS">
-<meta name="keywords" content="GnuTLS 3.4.11: Client using a smart card with TLS">
+<meta name="description" content="GnuTLS 3.5.0: Client using a smart card with TLS">
+<meta name="keywords" content="GnuTLS 3.5.0: Client using a smart card with TLS">
 <meta name="resource-type" content="document">
 <meta name="distribution" content="global">
 <meta name="Generator" content="makeinfo">
@@ -49,9 +49,8 @@ pre.smalldisplay {font-family: inherit; font-size: smaller}
 pre.smallexample {font-size: smaller}
 pre.smallformat {font-family: inherit; font-size: smaller}
 pre.smalllisp {font-size: smaller}
-span.nocodebreak {white-space: nowrap}
 span.nolinebreak {white-space: nowrap}
-span.roman {font-family: serif; font-weight: normal}
+span.roman {font-family: initial; font-weight: normal}
 span.sansserif {font-family: sans-serif; font-weight: normal}
 ul.no-bullet {list-style: none}
 body {
@@ -186,6 +185,7 @@ use it in a TLS connection.
 #include <gnutls/gnutls.h>
 #include <gnutls/x509.h>
 #include <gnutls/pkcs11.h>
+#include <assert.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <fcntl.h>
@@ -194,6 +194,8 @@ use it in a TLS connection.
 /* A TLS client that loads the certificate and key. */
+#define CHECK(x) assert((x)>=0)
+
 #define MAX_BUF 1024
 #define MSG "GET / HTTP/1.0\r\n\r\n"
 #define MIN(x,y) (((x)<(y))?(x):(y))
@@ -245,7 +247,6 @@ int main(void)
 {
 int ret, sd, ii;
 gnutls_session_t session;
- gnutls_priority_t priorities_cache;
 char buffer[MAX_BUF + 1];
 gnutls_certificate_credentials_t xcred;
 /* Allow connections to servers that have OpenPGP keys as well.
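Review bot: The `CHECK` macro added in the `@@ -194,6 +194,8 @@` hunk wraps the GnuTLS call itself in `assert()`, so a build with `NDEBUG` defined drops the call, not only the check. In such a build `gnutls_global_init()`, the trust-file and key loading, `gnutls_init()` and `gnutls_record_send()` wrapped in the later hunks would not execute at all. A form that always evaluates its argument is safer for manual code that readers copy, for example `#define CHECK(x) do { if ((x) < 0) { fprintf(stderr, "%s failed\n", #x); exit(1); } } while (0)`; it needs `<stdlib.h>`, which is not in the include lines visible here. Aborting is also a blunt response for `gnutls_record_send()` and `gnutls_bye()`, which can return non-fatal negative codes such as `GNUTLS_E_AGAIN` or `GNUTLS_E_INTERRUPTED`, and an abort at `gnutls_bye()` skips the cleanup after `end:`.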
@@ -257,37 +258,37 @@ int main(void)
 } /* for backwards compatibility with gnutls < 3.3.0 */
- gnutls_global_init();
+ CHECK(gnutls_global_init());
 /* The PKCS11 private key operations may require PIN. * Register a callback. */ gnutls_pkcs11_set_pin_function(pin_callback, NULL); /* X509 stuff */
- gnutls_certificate_allocate_credentials(&xcred);
-
- /* priorities */
- gnutls_priority_init(&priorities_cache,
- "NORMAL", NULL);
+ CHECK(gnutls_certificate_allocate_credentials(&xcred));
 /* sets the trusted cas file */
- gnutls_certificate_set_x509_trust_file(xcred, CAFILE,
- GNUTLS_X509_FMT_PEM);
+ CHECK(gnutls_certificate_set_x509_trust_file(xcred, CAFILE,
+ GNUTLS_X509_FMT_PEM));
+
+ CHECK(gnutls_certificate_set_x509_key_file(xcred, CERT_URL, KEY_URL,
+ GNUTLS_X509_FMT_DER));
+
+ /* Note that there is no server certificate verification in this example
+ */
- gnutls_certificate_set_x509_key_file(xcred, CERT_URL, KEY_URL,
- GNUTLS_X509_FMT_DER);
 /* Initialize TLS session */
- gnutls_init(&session, GNUTLS_CLIENT);
+ CHECK(gnutls_init(&session, GNUTLS_CLIENT));
 /* Use default priorities */
- gnutls_priority_set(session, priorities_cache);
+ CHECK(gnutls_set_default_priority(session));
 /* put the x509 credentials to the current session */
- gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred);
+ CHECK(gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred));
 /* connect to the peer */
@@ -311,7 +312,7 @@ int main(void)
 gnutls_free(desc); }
- gnutls_record_send(session, MSG, strlen(MSG));
+ CHECK(gnutls_record_send(session, MSG, strlen(MSG)));
 ret = gnutls_record_recv(session, buffer, MAX_BUF); if (ret == 0) {
@@ -328,7 +329,7 @@ int main(void)
 } fputs("\n", stdout);
- gnutls_bye(session, GNUTLS_SHUT_RDWR);
+ CHECK(gnutls_bye(session, GNUTLS_SHUT_RDWR));
 end:
@@ -337,7 +338,6 @@ int main(void)
 gnutls_deinit(session); gnutls_certificate_free_credentials(xcred);
- gnutls_priority_deinit(priorities_cache);
 gnutls_global_deinit(); |
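Review bot: In the `@@ -257,37 +258,37 @@` hunk the example loads `CAFILE` into `xcred` but, as the newly added comment states, it never verifies the server certificate, so the trust file has no effect and the smart-card client certificate is presented to an unauthenticated peer. Because this is reference code in the manual, it would be better to enable verification right after `gnutls_init()`, e.g. `gnutls_session_set_verify_cert(session, "<server-hostname>", 0);` (the hostname is a placeholder; the connect and handshake code lies outside this hunk, so confirm nothing there already does it). If the omission is intentional, the comment should tell the reader what to add, something like `/* WARNING: the server certificate is NOT verified here; real clients must call gnutls_session_set_verify_cert() before the handshake */`.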