diff options
Diffstat (limited to 'manual/html_node/Simple-client-example-with-SSH_002dstyle-certificate-verification.html')
-rw-r--r-- | manual/html_node/Simple-client-example-with-SSH_002dstyle-certificate-verification.html | 39 |
1 files changed, 14 insertions, 25 deletions
diff --git a/manual/html_node/Simple-client-example-with-SSH_002dstyle-certificate-verification.html b/manual/html_node/Simple-client-example-with-SSH_002dstyle-certificate-verification.html index d33ef35a5a..f4f3f35dfa 100644 --- a/manual/html_node/Simple-client-example-with-SSH_002dstyle-certificate-verification.html +++ b/manual/html_node/Simple-client-example-with-SSH_002dstyle-certificate-verification.html @@ -1,7 +1,7 @@ <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <!-- This manual is last updated 4 March 2015 for version -3.4.11 of GnuTLS. +3.5.0 of GnuTLS. Copyright (C) 2001-2015 Free Software Foundation, Inc.\\ Copyright (C) 2001-2015 Nikos Mavrogiannopoulos @@ -12,12 +12,12 @@ any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". --> -<!-- Created by GNU Texinfo 6.0, http://www.gnu.org/software/texinfo/ --> +<!-- Created by GNU Texinfo 6.1, http://www.gnu.org/software/texinfo/ --> <head> -<title>GnuTLS 3.4.11: Simple client example with SSH-style certificate verification</title> +<title>GnuTLS 3.5.0: Simple client example with SSH-style certificate verification</title> -<meta name="description" content="GnuTLS 3.4.11: Simple client example with SSH-style certificate verification"> -<meta name="keywords" content="GnuTLS 3.4.11: Simple client example with SSH-style certificate verification"> +<meta name="description" content="GnuTLS 3.5.0: Simple client example with SSH-style certificate verification"> +<meta name="keywords" content="GnuTLS 3.5.0: Simple client example with SSH-style certificate verification"> <meta name="resource-type" content="document"> <meta name="distribution" content="global"> <meta name="Generator" content="makeinfo"> @@ -49,9 +49,8 @@ pre.smalldisplay {font-family: inherit; font-size: smaller} pre.smallexample {font-size: smaller} pre.smallformat {font-family: inherit; font-size: smaller} pre.smalllisp {font-size: smaller} -span.nocodebreak {white-space: nowrap} span.nolinebreak {white-space: nowrap} -span.roman {font-family: serif; font-weight: normal} +span.roman {font-family: initial; font-weight: normal} span.sansserif {font-family: sans-serif; font-weight: normal} ul.no-bullet {list-style: none} body { @@ -182,8 +181,11 @@ trusted. #include <string.h> #include <gnutls/gnutls.h> #include <gnutls/x509.h> +#include <assert.h> #include "examples.h" +#define CHECK(x) assert((x)>=0) + /* This function will verify the peer's certificate, check * if the hostname matches. In addition it will perform an * SSH-style authentication, where ultimately trusted keys @@ -204,22 +206,12 @@ int _ssh_verify_certificate_callback(gnutls_session_t session) /* This verification function uses the trusted CAs in the credentials * structure. So you must have installed one or more CA certificates. */ - ret = gnutls_certificate_verify_peers3(session, hostname, &status); - if (ret < 0) { - printf("Error\n"); - return GNUTLS_E_CERTIFICATE_ERROR; - } + CHECK(gnutls_certificate_verify_peers3(session, hostname, &status)); type = gnutls_certificate_type_get(session); - ret = - gnutls_certificate_verification_status_print(status, type, - &out, 0); - if (ret < 0) { - printf("Error\n"); - return GNUTLS_E_CERTIFICATE_ERROR; - } - + CHECK(gnutls_certificate_verification_status_print(status, + type, &out, 0)); printf("%s", out.data); gnutls_free(out.data); @@ -271,11 +263,8 @@ int _ssh_verify_certificate_callback(gnutls_session_t session) /* user trusts the key -> store it */ if (ret != 0) { - ret = gnutls_store_pubkey(NULL, NULL, hostname, "https", - type, &cert_list[0], 0, 0); - if (ret < 0) - printf("gnutls_store_pubkey: %s\n", - gnutls_strerror(ret)); + CHECK(gnutls_store_pubkey(NULL, NULL, hostname, "https", + type, &cert_list[0], 0, 0)); } /* notify gnutls to continue handshake normally */ |