diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-04-09 09:44:01 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-04-09 10:20:44 +0200 |
| commit | e665044f1c8894993665fcc1030dc4344326797a (patch) | |
| tree | 47475cf83c789016a6153bdfd76b6f8ab62c66d0 /tests/mini-x509.c | |
| parent | f7ad44f1b587e057070f57ceee521b8eecf060db (diff) | |
| download | gnutls-e665044f1c8894993665fcc1030dc4344326797a.tar.gz | |
Replaced gnutls_certificate_verify_peers3() with the extendable gnutls_certificate_verify_peers().
That will allow adding new functionality to verification
without the need to add new functions.
Diffstat (limited to 'tests/mini-x509.c')
| -rw-r--r-- | tests/mini-x509.c | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/tests/mini-x509.c b/tests/mini-x509.c index 3bb3908b4b..c4240fdb7c 100644 --- a/tests/mini-x509.c +++ b/tests/mini-x509.c @@ -164,6 +164,7 @@ void doit(void) gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); + gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -206,15 +207,24 @@ void doit(void) /* check the number of certificates received */ { unsigned cert_list_size = 0; + gnutls_typed_vdata_st data[2]; unsigned status; + memset(data, 0, sizeof(data)); + + data[0].type = GNUTLS_DT_DNS_HOSTNAME; + data[0].data = (void*)"localhost1"; + + data[1].type = GNUTLS_DT_KEY_PURPOSE_OID; + data[1].data = (void*)GNUTLS_KP_TLS_WWW_SERVER; + gnutls_certificate_get_peers(client, &cert_list_size); if (cert_list_size < 2) { fprintf(stderr, "received a certificate list of %d!\n", cert_list_size); exit(1); } - ret = gnutls_certificate_verify_peers4(client, "localhost1", GNUTLS_KP_TLS_WWW_SERVER, &status); + ret = gnutls_certificate_verify_peers(client, data, 2, &status); if (ret < 0) { fprintf(stderr, "could not verify certificate: %s\n", gnutls_strerror(ret)); exit(1); @@ -225,7 +235,10 @@ void doit(void) exit(1); } - ret = gnutls_certificate_verify_peers4(client, "localhost", GNUTLS_KP_TLS_WWW_SERVER, &status); + data[0].type = GNUTLS_DT_DNS_HOSTNAME; + data[0].data = (void*)"localhost"; + + ret = gnutls_certificate_verify_peers(client, data, 2, &status); if (ret < 0) { fprintf(stderr, "could not verify certificate: %s\n", gnutls_strerror(ret)); exit(1); |