p11tool: Allow marking a certificate as a CA.

author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2014-06-16 11:28:11 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2014-06-16 11:28:11 +0200
commit: 09702ea3e2fe5189badb371026b90a772308d4ca (patch)
tree: 8a0267442895ad6a4a19ca618bd893da40ec1652 /src/pkcs11.c
parent: 154b44fe0552ffad33291f73a06f9cde52af99da (diff)
download: gnutls-09702ea3e2fe5189badb371026b90a772308d4ca.tar.gz
1 files changed, 6 insertions, 1 deletions
diff --git a/src/pkcs11.c b/src/pkcs11.c
index 614d3e7f39..e9a3cce1bf 100644
--- a/src/pkcs11.c
+++ b/src/pkcs11.c
@@ -401,7 +401,7 @@ pkcs11_token_list(FILE * outfile, unsigned int detailed,
 
 void
 pkcs11_write(FILE * outfile, const char *url, const char *label,
-	     int trusted, int private,
+	     int trusted, int ca, int private,
 	     unsigned int login_flags, common_info_st * info)
 {
 	gnutls_x509_crt_t xcrt;
@@ -443,6 +443,11 @@ pkcs11_write(FILE * outfile, const char *url, const char *label,
 			    GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED |
 			    GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO;
 
+		if (ca)
+			flags |=
+			    GNUTLS_PKCS11_OBJ_FLAG_MARK_CA |
+			    GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO;
+
 		ret = gnutls_pkcs11_copy_x509_crt(url, xcrt, label, flags);
 		if (ret < 0) {
 			fprintf(stderr, "Error in %s:%d: %s\n", __func__,
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2014-06-16 11:28:11 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2014-06-16 11:28:11 +0200
commit	09702ea3e2fe5189badb371026b90a772308d4ca (patch)
tree	8a0267442895ad6a4a19ca618bd893da40ec1652 /src/pkcs11.c
parent	154b44fe0552ffad33291f73a06f9cde52af99da (diff)
download	gnutls-09702ea3e2fe5189badb371026b90a772308d4ca.tar.gz