diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2015-09-26 14:03:25 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-05-19 09:49:45 +0200 |
commit | 9bf790d1de691293793512a69796b65c4b7d69c0 (patch) | |
tree | 35498dfe98cad43dc89f7ce1236aeeb6a2e2792e /lib/gnutls_int.h | |
parent | 81748e076ed2bbe3af9bd3c25ab5a3946968b4f5 (diff) | |
download | gnutls-9bf790d1de691293793512a69796b65c4b7d69c0.tar.gz |
Backported new verification functions for clients from 3.5.x branchbackport-new-verification-functions
The major use-case for the TLS protocol is verification of PKIX
certificates. However, certificate verification support while is
similar for almost all projects it requires around 100 lines of code
(a callback) to be duplicated to all applications. That patch
set gets rid of the callback and simplifies certificate verification
support, by introducing a very simple API; one that would accept
the session and the hostname only.
Resolves #27
Diffstat (limited to 'lib/gnutls_int.h')
-rw-r--r-- | lib/gnutls_int.h | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 3db0e1f699..83b3b5b035 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -1,5 +1,6 @@ /* - * Copyright (C) 2000-2012 Free Software Foundation, Inc. + * Copyright (C) 2000-2015 Free Software Foundation, Inc. + * Copyright (C) 2015 Red Hat, Inc. * * Author: Nikos Mavrogiannopoulos * @@ -1002,6 +1003,11 @@ typedef struct { /* a verify callback to override the verify callback from the credentials * structure */ gnutls_certificate_verify_function *verify_callback; + gnutls_typed_vdata_st *vc_data; + gnutls_typed_vdata_st vc_sdata; + unsigned vc_elements; + unsigned vc_status; + unsigned int additional_verify_flags; /* may be set by priorities or the vc functions */ /* If you add anything here, check _gnutls_handshake_internal_state_clear(). */ |