Added options to specify a DLV file. Suggested by Paul Wouters.

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2013-01-17 19:49:06 +0100
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2013-01-17 19:49:06 +0100
commit: 774543f65d55774871e5b0c800a36499f9a7c13a (patch)
tree: 0ea2b19141929c560cd24ce452eb36eaa43de41a /libdane
parent: c65833784807abda0fd80167315b8d62615f79a6 (diff)
download: gnutls-774543f65d55774871e5b0c800a36499f9a7c13a.tar.gz
4 files changed, 24 insertions, 0 deletions
diff --git a/libdane/dane.c b/libdane/dane.c
index 1ea599bc10..30274d53f2 100644
--- a/libdane/dane.c
+++ b/libdane/dane.c
@@ -204,6 +204,25 @@ void dane_state_deinit(dane_state_t s)
 	free(s);
 }
 
+/**
+ * dane_state_set_dlv_file:
+ * @s: The structure to be deinitialized
+ * @file: The file holding the DLV keys.
+ *
+ * This function will set a file with trusted keys 
+ * for DLV  (DNSSEC  Lookaside  Validation).
+ *
+ **/
+int dane_state_set_dlv_file(dane_state_t s, const char* file)
+{
+int ret;
+  
+  ret = ub_ctx_set_option(s->ctx, (char*)"dlv-anchor-file:", (void*)file);
+  if (ret != 0)
+    return gnutls_assert_val(DANE_E_FILE_ERROR);
+  
+  return 0;
+}
 
 /**
  * dane_query_deinit:
diff --git a/libdane/errors.c b/libdane/errors.c
index d08f509ef0..773c018af2 100644
--- a/libdane/errors.c
+++ b/libdane/errors.c
@@ -63,6 +63,8 @@ static const error_entry error_algorithms[] = {
                DANE_E_PUBKEY_ERROR),
   ERROR_ENTRY (N_("No certificate was found."),
                DANE_E_NO_CERT),
+  ERROR_ENTRY (N_("Error in file."),
+               DANE_E_FILE_ERROR),
   {NULL, NULL, 0}
 };
 
diff --git a/libdane/includes/gnutls/dane.h b/libdane/includes/gnutls/dane.h
index 75d2e36e6b..027f28e57b 100644
--- a/libdane/includes/gnutls/dane.h
+++ b/libdane/includes/gnutls/dane.h
@@ -104,6 +104,7 @@ typedef enum dane_state_flags_t
 } dane_state_flags_t;
 
 int dane_state_init (dane_state_t* s, unsigned int flags);
+int dane_state_set_dlv_file(dane_state_t s, const char* file);
 void dane_state_deinit (dane_state_t s);
 
 int dane_query_tlsa(dane_state_t s, dane_query_t *r, const char* host, const char* proto, unsigned int port);
@@ -166,4 +167,5 @@ const char * dane_strerror (int error);
 #define DANE_E_INVALID_REQUEST -9
 #define DANE_E_PUBKEY_ERROR -10
 #define DANE_E_NO_CERT -11
+#define DANE_E_FILE_ERROR -12
 
diff --git a/libdane/libdane.map b/libdane/libdane.map
index b3894e1b37..154e6e9e7d 100644
--- a/libdane/libdane.map
+++ b/libdane/libdane.map
@@ -17,6 +17,7 @@ DANE_0_0
 	dane_match_type_name;
 	dane_cert_usage_name;
 	dane_verification_status_print;
+	dane_state_set_dlv_file;
   local:
     *;
 };
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2013-01-17 19:49:06 +0100
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2013-01-17 19:49:06 +0100
commit	774543f65d55774871e5b0c800a36499f9a7c13a (patch)
tree	0ea2b19141929c560cd24ce452eb36eaa43de41a /libdane
parent	c65833784807abda0fd80167315b8d62615f79a6 (diff)
download	gnutls-774543f65d55774871e5b0c800a36499f9a7c13a.tar.gz