diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-03-21 20:53:35 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-03-21 22:25:59 +0100 |
| commit | a9a2aa2593174958205664e77805d2cec03bb297 (patch) | |
| tree | c133741bdfea1259c2d828fb0ae627d1393e6d1d | |
| parent | d49c0407520fcb1f6548b564e0ee7a5256fc64e6 (diff) | |
| download | gnutls-a9a2aa2593174958205664e77805d2cec03bb297.tar.gz | |
use commit suffix for functions that return a status code.
| -rw-r--r-- | lib/x509/verify-high.c | 6 | ||||
| -rw-r--r-- | lib/x509/verify.c | 18 | ||||
| -rw-r--r-- | lib/x509/x509_int.h | 4 |
3 files changed, 13 insertions, 15 deletions
diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c index 239ef8257f..13395abd77 100644 --- a/lib/x509/verify-high.c +++ b/lib/x509/verify-high.c @@ -489,8 +489,6 @@ gnutls_x509_trust_list_add_crls(gnutls_x509_trust_list_t list, /* Takes a certificate list and shortens it if there are * intermedia certificates already trusted by us. * - * FIXME: This is very similar to _gnutls_x509_verify_certificate(). - * * Returns the new size of the list or a negative number on error. */ static int shorten_clist(gnutls_x509_trust_list_t list, @@ -731,14 +729,14 @@ gnutls_x509_trust_list_verify_crt(gnutls_x509_trust_list_t list, if (list->pkcs11_token) { /* use the token for verification */ - *voutput = _gnutls_pkcs11_verify_certificate(list->pkcs11_token, + *voutput = _gnutls_pkcs11_verify_crt_status(list->pkcs11_token, cert_list, cert_list_size, flags, func); } else #endif { *voutput = - _gnutls_x509_verify_certificate(cert_list, cert_list_size, + _gnutls_verify_crt_status(cert_list, cert_list_size, list->node[hash].trusted_cas, list-> node[hash].trusted_ca_size, diff --git a/lib/x509/verify.c b/lib/x509/verify.c index 037329ee54..7d87f98024 100644 --- a/lib/x509/verify.c +++ b/lib/x509/verify.c @@ -341,7 +341,7 @@ find_issuer(gnutls_x509_crt_t cert, return issuer; } -static unsigned int check_time(gnutls_x509_crt_t crt, time_t now) +static unsigned int check_time_status(gnutls_x509_crt_t crt, time_t now) { int status = 0; time_t t; @@ -760,7 +760,7 @@ verify_crt(gnutls_x509_crt_t cert, if (!(flags & GNUTLS_VERIFY_DISABLE_TIME_CHECKS)) { /* check the time of the issuer first */ if (!(flags & GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS)) { - out |= check_time(issuer, now); + out |= check_time_status(issuer, now); if (out != 0) { gnutls_assert(); result = 0; @@ -769,7 +769,7 @@ verify_crt(gnutls_x509_crt_t cert, } } - out |= check_time(cert, now); + out |= check_time_status(cert, now); if (out != 0) { gnutls_assert(); result = 0; @@ -818,7 +818,7 @@ gnutls_x509_crt_check_issuer(gnutls_x509_crt_t cert, * list should lead to a trusted certificate in order to be trusted. */ unsigned int -_gnutls_x509_verify_certificate(const gnutls_x509_crt_t * certificate_list, +_gnutls_verify_crt_status(const gnutls_x509_crt_t * certificate_list, int clist_size, const gnutls_x509_crt_t * trusted_cas, int tcas_size, @@ -871,7 +871,7 @@ _gnutls_x509_verify_certificate(const gnutls_x509_crt_t * certificate_list, if (!(flags & GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS) && !(flags & GNUTLS_VERIFY_DISABLE_TIME_CHECKS)) { status |= - check_time(trusted_cas[j], + check_time_status(trusted_cas[j], now); if (status != 0) { if (func) @@ -966,7 +966,7 @@ cleanup: * list should lead to a trusted certificate in order to be trusted. */ unsigned int -_gnutls_pkcs11_verify_certificate(const char* url, +_gnutls_pkcs11_verify_crt_status(const char* url, const gnutls_x509_crt_t * certificate_list, unsigned clist_size, unsigned int flags, @@ -1059,7 +1059,7 @@ _gnutls_pkcs11_verify_certificate(const char* url, goto cleanup; } - status = _gnutls_x509_verify_certificate(certificate_list, clist_size, + status = _gnutls_verify_crt_status(certificate_list, clist_size, &issuer, 1, flags, func); cleanup: @@ -1168,7 +1168,7 @@ gnutls_x509_crt_list_verify(const gnutls_x509_crt_t * cert_list, /* Verify certificate */ *verify = - _gnutls_x509_verify_certificate(cert_list, cert_list_length, + _gnutls_verify_crt_status(cert_list, cert_list_length, CA_list, CA_list_length, flags, NULL); @@ -1211,7 +1211,7 @@ gnutls_x509_crt_verify(gnutls_x509_crt_t cert, /* Verify certificate */ *verify = - _gnutls_x509_verify_certificate(&cert, 1, + _gnutls_verify_crt_status(&cert, 1, CA_list, CA_list_length, flags, NULL); return 0; diff --git a/lib/x509/x509_int.h b/lib/x509/x509_int.h index 5d7630ad2c..c4356e29b1 100644 --- a/lib/x509/x509_int.h +++ b/lib/x509/x509_int.h @@ -360,7 +360,7 @@ int _gnutls_x509_crq_set_extension(gnutls_x509_crq_t crq, unsigned int critical); unsigned int -_gnutls_x509_verify_certificate(const gnutls_x509_crt_t * certificate_list, +_gnutls_verify_crt_status(const gnutls_x509_crt_t * certificate_list, int clist_size, const gnutls_x509_crt_t * trusted_cas, int tcas_size, @@ -369,7 +369,7 @@ _gnutls_x509_verify_certificate(const gnutls_x509_crt_t * certificate_list, #ifdef ENABLE_PKCS11 unsigned int -_gnutls_pkcs11_verify_certificate(const char* url, +_gnutls_pkcs11_verify_crt_status(const char* url, const gnutls_x509_crt_t * certificate_list, unsigned clist_size, unsigned int flags, |