diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-12-22 11:43:49 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-12-22 11:44:28 +0200 |
commit | cd4876433f3579093659fe4956bfa15b97b7f0a0 (patch) | |
tree | 088ce87950bfeb66afe9a8b3ea4977ddedf58801 /lib/x509/verify-high2.c | |
parent | 853722becfd214dad05d7d7ca38fb3d8a31a77e3 (diff) | |
download | gnutls-cd4876433f3579093659fe4956bfa15b97b7f0a0.tar.gz |
combined gnutls_pkcs11_obj_attr_t with gnutls_pkcs11_obj_flags
That was done in an API-backwards compatible way. That
introduces gnutls_pkcs11_obj_list_import_url3() and
gnutls_pkcs11_obj_list_import_url4().
Diffstat (limited to 'lib/x509/verify-high2.c')
-rw-r--r-- | lib/x509/verify-high2.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/lib/x509/verify-high2.c b/lib/x509/verify-high2.c index dda1b131a5..09eefd4000 100644 --- a/lib/x509/verify-high2.c +++ b/lib/x509/verify-high2.c @@ -191,7 +191,7 @@ int add_trust_list_pkcs11_object_url(gnutls_x509_trust_list_t list, const char * ret = gnutls_pkcs11_obj_list_import_url2(&pcrt_list, &pcrt_list_size, url, - GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL|GNUTLS_PKCS11_OBJ_ATTR_MARKED_TRUSTED, + GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED, 0); if (ret < 0) return gnutls_assert_val(ret); @@ -239,7 +239,7 @@ int remove_pkcs11_object_url(gnutls_x509_trust_list_t list, const char *url) ret = gnutls_pkcs11_obj_list_import_url2(&pcrt_list, &pcrt_list_size, url, - GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL|GNUTLS_PKCS11_OBJ_ATTR_MARKED_TRUSTED, + GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED, 0); if (ret < 0) return gnutls_assert_val(ret); @@ -330,7 +330,9 @@ gnutls_x509_trust_list_add_trust_file(gnutls_x509_trust_list_t list, /* enumerate the certificates */ ret = gnutls_pkcs11_obj_list_import_url(NULL, &pcrt_list_size, - ca_file, GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA, 0); + ca_file, + (GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_MARK_CA|GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED), + 0); if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER) return gnutls_assert_val(ret); |