From: Nikos Mavrogiannopoulos Date: Sun, 30 Sep 2012 22:19:03 +0000 (+0200) Subject: Added gnutls_x509_crl_reason_flags_t. X-Git-Tag: gnutls_3_1_3~62 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=59f20230fa3813b35286cc73edfa7029c7b694f5;p=thirdparty%2Fgnutls.git Added gnutls_x509_crl_reason_flags_t. --- diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h index 8ca2e1b64a..94e01a4729 100644 --- a/lib/includes/gnutls/x509.h +++ b/lib/includes/gnutls/x509.h @@ -212,16 +212,34 @@ extern "C" gnutls_datum_t * data, unsigned int *critical); -#define GNUTLS_CRL_REASON_UNUSED 128 -#define GNUTLS_CRL_REASON_KEY_COMPROMISE 64 -#define GNUTLS_CRL_REASON_CA_COMPROMISE 32 -#define GNUTLS_CRL_REASON_AFFILIATION_CHANGED 16 -#define GNUTLS_CRL_REASON_SUPERSEDED 8 -#define GNUTLS_CRL_REASON_SUPERSEEDED GNUTLS_CRL_REASON_SUPERSEDED -#define GNUTLS_CRL_REASON_CESSATION_OF_OPERATION 4 -#define GNUTLS_CRL_REASON_CERTIFICATE_HOLD 2 -#define GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN 1 -#define GNUTLS_CRL_REASON_AA_COMPROMISE 32768 +#define GNUTLS_CRL_REASON_SUPERSEEDED GNUTLS_CRL_REASON_SUPERSEDED, + /** + * gnutls_x509_crl_reason_flags_t: + * @GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN: The privileges were withdrawn from the owner. + * @GNUTLS_CRL_REASON_CERTIFICATE_HOLD: The certificate is on hold. + * @GNUTLS_CRL_REASON_CESSATION_OF_OPERATION: The end-entity is no longer operating. + * @GNUTLS_CRL_REASON_SUPERSEDED: There is a newer certificate of the owner. + * @GNUTLS_CRL_REASON_AFFILIATION_CHANGED: The end-entity affiliation has changed. + * @GNUTLS_CRL_REASON_CA_COMPROMISE: The CA was compromised. + * @GNUTLS_CRL_REASON_KEY_COMPROMISE: The certificate's key was compromised. + * @GNUTLS_CRL_REASON_UNUSED: The key was never used. + * @GNUTLS_CRL_REASON_AA_COMPROMISE: AA compromised. + * + * Enumeration of types for the CRL revocation reasons. + */ + typedef enum gnutls_x509_crl_reason_flags_t + { + GNUTLS_CRL_REASON_UNSPECIFIED=0, + GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN=1, + GNUTLS_CRL_REASON_CERTIFICATE_HOLD=2, + GNUTLS_CRL_REASON_CESSATION_OF_OPERATION=4, + GNUTLS_CRL_REASON_SUPERSEDED=8, + GNUTLS_CRL_REASON_AFFILIATION_CHANGED=16, + GNUTLS_CRL_REASON_CA_COMPROMISE=32, + GNUTLS_CRL_REASON_KEY_COMPROMISE=64, + GNUTLS_CRL_REASON_UNUSED=128, + GNUTLS_CRL_REASON_AA_COMPROMISE=32768 + } gnutls_x509_crl_reason_flags_t; int gnutls_x509_crt_get_crl_dist_points (gnutls_x509_crt_t cert, unsigned int seq, void *ret, diff --git a/lib/x509/x509.c b/lib/x509/x509.c index 63be9bc5df..0e1430d189 100644 --- a/lib/x509/x509.c +++ b/lib/x509/x509.c @@ -2758,23 +2758,13 @@ gnutls_x509_crt_verify_hash (gnutls_x509_crt_t crt, unsigned int flags, * @seq: specifies the sequence number of the distribution point (0 for the first one, 1 for the second etc.) * @ret: is the place where the distribution point will be copied to * @ret_size: holds the size of ret. - * @reason_flags: Revocation reasons flags. + * @reason_flags: Revocation reasons. An ORed sequence of flags from %gnutls_x509_crl_reason_flags_t. * @critical: will be non (0) if the extension is marked as critical (may be null) * * This function retrieves the CRL distribution points (2.5.29.31), * contained in the given certificate in the X509v3 Certificate * Extensions. * - * @reason_flags should be an ORed sequence of - * %GNUTLS_CRL_REASON_UNUSED, %GNUTLS_CRL_REASON_KEY_COMPROMISE, - * %GNUTLS_CRL_REASON_CA_COMPROMISE, - * %GNUTLS_CRL_REASON_AFFILIATION_CHANGED, - * %GNUTLS_CRL_REASON_SUPERSEEDED, - * %GNUTLS_CRL_REASON_CESSATION_OF_OPERATION, - * %GNUTLS_CRL_REASON_CERTIFICATE_HOLD, - * %GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN, - * %GNUTLS_CRL_REASON_AA_COMPROMISE, or (0) for all possible reasons. - * * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER and updates @ret_size if * @ret_size is not enough to hold the distribution point, or the * type of the distribution point if everything was ok. The type is