cert, 0);
if (rc == GNUTLS_E_NO_CERTIFICATE_FOUND)
{
- print_cert_info(session, GNUTLS_CRT_PRINT_COMPACT, 0);
+ print_cert_info_compact(session);
fprintf(stderr, "Host %s has never been contacted before and is not in the trusted list.\n", hostname);
if (status == 0)
fprintf(stderr, "Its certificate is valid for %s.\n", hostname);
}
else if (rc == GNUTLS_E_CERTIFICATE_KEY_MISMATCH)
{
- print_cert_info(session, GNUTLS_CRT_PRINT_COMPACT, 0);
+ print_cert_info_compact(session);
fprintf(stderr, "Warning: host %s is known and it is associated with a different key.\n", hostname);
fprintf(stderr, "It might be that the server has multiple keys, or an attacker replaced the key to eavesdrop this connection .\n");
if (status == 0)
}
static void
-print_x509_info_compact (gnutls_session_t session, int flag)
+print_x509_info_compact (gnutls_session_t session)
{
gnutls_x509_crt_t crt;
const gnutls_datum_t *cert_list;
}
ret =
- gnutls_x509_crt_print (crt, flag, &cinfo);
+ gnutls_x509_crt_print (crt, GNUTLS_CRT_PRINT_COMPACT, &cinfo);
if (ret == 0)
{
printf ("- X.509 cert: %s\n", cinfo.data);
unsigned int cert_list_size = 0, j;
int ret;
- if (flag == GNUTLS_CRT_PRINT_COMPACT && print_cert == 0)
- return print_x509_info_compact(session, flag);
-
cert_list = gnutls_certificate_get_peers (session, &cert_list_size);
if (cert_list_size == 0)
{
return;
}
- printf (" - Certificate type: X.509\n");
- printf (" - Got a certificate list of %d certificates.\n",
+ printf ("- Certificate type: X.509\n");
+ printf ("- Got a certificate list of %d certificates.\n",
cert_list_size);
for (j = 0; j < cert_list_size; j++)
return;
}
- printf (" - Certificate[%d] info:\n - ", j);
+ printf ("- Certificate[%d] info:\n - ", j);
ret =
gnutls_x509_crt_print (crt, flag, &cinfo);
}
static void
-print_openpgp_info_compact (gnutls_session_t session, int flag)
+print_openpgp_info_compact (gnutls_session_t session)
{
gnutls_openpgp_crt_t crt;
}
ret =
- gnutls_openpgp_crt_print (crt, flag, &cinfo);
+ gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_COMPACT, &cinfo);
if (ret == 0)
{
printf ("- OpenPGP cert: %s\n", cinfo.data);
unsigned int cert_list_size = 0;
int ret;
- if (flag == GNUTLS_CRT_PRINT_COMPACT && print_cert == 0)
- print_openpgp_info_compact(session, flag);
-
- printf (" - Certificate type: OpenPGP\n");
+ printf ("- Certificate type: OpenPGP\n");
cert_list = gnutls_certificate_get_peers (session, &cert_list_size);
gnutls_openpgp_crt_print (crt, flag, &cinfo);
if (ret == 0)
{
- printf (" - %s\n", cinfo.data);
+ printf ("- %s\n", cinfo.data);
gnutls_free (cinfo.data);
}
}
}
+void
+print_cert_info_compact (gnutls_session_t session)
+{
+
+ if (gnutls_certificate_client_get_request_status (session) != 0)
+ printf ("- Server has requested a certificate.\n");
+
+ switch (gnutls_certificate_type_get (session))
+ {
+ case GNUTLS_CRT_X509:
+ print_x509_info_compact (session);
+ break;
+#ifdef ENABLE_OPENPGP
+ case GNUTLS_CRT_OPENPGP:
+ print_openpgp_info_compact (session);
+ break;
+#endif
+ default:
+ printf ("Unknown type\n");
+ break;
+ }
+}
+
void
print_list (const char *priorities, int verbose)
{