From e665044f1c8894993665fcc1030dc4344326797a Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Wed, 9 Apr 2014 09:44:01 +0200
Subject: Replaced gnutls_certificate_verify_peers3() with the extendable
 gnutls_certificate_verify_peers().

That will allow adding new functionality to verification
without the need to add new functions.
---
 tests/mini-x509.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

(limited to 'tests/mini-x509.c')

diff --git a/tests/mini-x509.c b/tests/mini-x509.c
index 3bb3908b4b..c4240fdb7c 100644
--- a/tests/mini-x509.c
+++ b/tests/mini-x509.c
@@ -164,6 +164,7 @@ void doit(void)
 	gnutls_certificate_set_x509_key_mem(serverx509cred,
 					    &server_cert, &server_key,
 					    GNUTLS_X509_FMT_PEM);
+
 	gnutls_init(&server, GNUTLS_SERVER);
 	gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE,
 			       serverx509cred);
@@ -206,15 +207,24 @@ void doit(void)
 	/* check the number of certificates received */
 	{
 		unsigned cert_list_size = 0;
+		gnutls_typed_vdata_st data[2];
 		unsigned status;
 
+		memset(data, 0, sizeof(data));
+
+		data[0].type = GNUTLS_DT_DNS_HOSTNAME;
+		data[0].data = (void*)"localhost1";
+
+		data[1].type = GNUTLS_DT_KEY_PURPOSE_OID;
+		data[1].data = (void*)GNUTLS_KP_TLS_WWW_SERVER;
+
 		gnutls_certificate_get_peers(client, &cert_list_size);
 		if (cert_list_size < 2) {
 			fprintf(stderr, "received a certificate list of %d!\n", cert_list_size);
 			exit(1);
 		}
 
-		ret = gnutls_certificate_verify_peers4(client, "localhost1", GNUTLS_KP_TLS_WWW_SERVER, &status);
+		ret = gnutls_certificate_verify_peers(client, data, 2, &status);
 		if (ret < 0) {
 			fprintf(stderr, "could not verify certificate: %s\n", gnutls_strerror(ret));
 			exit(1);
@@ -225,7 +235,10 @@ void doit(void)
 			exit(1);
 		}
 
-		ret = gnutls_certificate_verify_peers4(client, "localhost", GNUTLS_KP_TLS_WWW_SERVER, &status);
+		data[0].type = GNUTLS_DT_DNS_HOSTNAME;
+		data[0].data = (void*)"localhost";
+
+		ret = gnutls_certificate_verify_peers(client, data, 2, &status);
 		if (ret < 0) {
 			fprintf(stderr, "could not verify certificate: %s\n", gnutls_strerror(ret));
 			exit(1);
-- 
cgit v1.2.1