Home GnuPG
Diffusion Not Too Bad TLS f9552b3c9f2c

Change verification API to use a callback.
f9552b3c9f2c
Actions

Description

Change verification API to use a callback.

* src/ntbtls.h.in: Include ksba.h.
(ntbtls_verify_cb_t): New type.
(ntbtls_set_ca_chain): Remove prototype.
(ntbtls_set_verify_cb): New.
(ntbtls_x509_get_peer_cert): New.
* src/visibility.c (ntbtls_set_ca_chain): Remove.
(ntbtls_set_verify_cb): New.
(ntbtls_x509_get_peer_cert): New.
* src/visibility.h (ntbtls_set_ca_chain): Remove
(ntbtls_set_verify_cb): Mark visible.
(ntbtls_x509_get_peer_cert): Ditto.
* src/libntbtls.def (ntbtls_set_ca_chain): Remove.
(ntbtls_set_verify_cb, ntbtls_x509_get_peer_cert): New.
* src/libntbtls.vers (ntbtls_set_ca_chain): Remove.
(ntbtls_set_verify_cb, ntbtls_x509_get_peer_cert): New.
* src/context.h (_ntbtls_context_s: Remove 'ca_chain' and
'crl_chain'.  Add 'verify_cb' and 'verify_cb_value'.
* src/protocol.c (_ntbtls_read_certificate): Call verify callback.
(session_deinit): Remove superfluous conditional.
(_ntbtls_set_ca_chain): Remove.
(_ntbtls_set_verify_cb): New.
* src/x509.c (x)509_cert_s): Remove fields 'fpr', 'is_self_signed',
and 'is_valid'.
(_ntbtls_x509_verify): Remove
(_ntbtls_x509_get_cert): Fix use of IDX.
(_ntbtls_x509_get_peer_cert): New.
  • Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Provenance
wernerAuthored on Feb 19 2017, 10:26 AM
Parents
rTb5cbe683800f: In debug mode write some infos about the certificates.
Branches
Unknown
Tags
Unknown

Changes (9)

PathSize
src/

rTf9552b3c9f2c

View Options

src/context.h

Loading...
View Options

src/libntbtls.def

Loading...
View Options

src/libntbtls.vers

Loading...
View Options

src/ntbtls-int.h

Loading...
View Options

src/ntbtls.h.in

Loading...
View Options

src/protocol.c

Loading...
View Options

src/visibility.c

Loading...
View Options

src/visibility.h

Loading...
View Options

src/x509.c

Loading...