diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-01-11 12:24:22 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-01-11 12:25:22 +0100 |
| commit | a05fa5c076e41645727c524a1a8ca8855fa18162 (patch) | |
| tree | aa006428650cfd986a2113278a147c8c75c14aa9 /lib/gnutls_cert.c | |
| parent | e6f43d4923bf200ae3995268435a98a1c7358eab (diff) | |
| download | gnutls-a05fa5c076e41645727c524a1a8ca8855fa18162.tar.gz | |
The RDN sequence is now kept in trust list instead of the credentials parameters.
This is however not enabled by default. When adding CAs to trust list
the flag GNUTLS_TL_USE_IN_TLS must be specified to generate the RDN
sequence. This flag is for now only useful internally in gnutls.
Diffstat (limited to 'lib/gnutls_cert.c')
| -rw-r--r-- | lib/gnutls_cert.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c index 07514edffc..906ca241bb 100644 --- a/lib/gnutls_cert.c +++ b/lib/gnutls_cert.c @@ -37,6 +37,7 @@ #include <gnutls_auth.h> #include <gnutls_x509.h> #include <gnutls_str_array.h> +#include <x509/verify-high.h> #include "x509/x509_int.h" #ifdef ENABLE_OPENPGP #include "openpgp/gnutls_openpgp.h" @@ -172,7 +173,7 @@ gnutls_certificate_get_crt_raw(gnutls_certificate_credentials_t sc, **/ void gnutls_certificate_free_ca_names(gnutls_certificate_credentials_t sc) { - _gnutls_free_datum(&sc->x509_rdn_sequence); + _gnutls_free_datum(&sc->tlist->x509_rdn_sequence); } @@ -192,7 +193,6 @@ gnutls_certificate_free_credentials(gnutls_certificate_credentials_t sc) { gnutls_x509_trust_list_deinit(sc->tlist, 1); gnutls_certificate_free_keys(sc); - gnutls_certificate_free_ca_names(sc); gnutls_free(sc->ocsp_response_file); memset(sc->pin_tmp, 0, sizeof(sc->pin_tmp)); #ifdef ENABLE_OPENPGP |