]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
added print_cert_info_compact().
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Mon, 30 Jan 2012 19:59:08 +0000 (20:59 +0100)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Mon, 30 Jan 2012 19:59:08 +0000 (20:59 +0100)
src/cli.c
src/common.c
src/common.h

index bfe985166544b1bd31d02e6e2eeec62e9603aee3..a2d653b9b9cd21790befad88821e8826dd3696d3 100644 (file)
--- a/src/cli.c
+++ b/src/cli.c
@@ -492,7 +492,7 @@ cert_verify_callback (gnutls_session_t session)
                                        cert, 0);
       if (rc == GNUTLS_E_NO_CERTIFICATE_FOUND)
         {
-          print_cert_info(session, GNUTLS_CRT_PRINT_COMPACT, 0);
+          print_cert_info_compact(session);
           fprintf(stderr, "Host %s has never been contacted before and is not in the trusted list.\n", hostname);
           if (status == 0)
             fprintf(stderr, "Its certificate is valid for %s.\n", hostname);
@@ -503,7 +503,7 @@ cert_verify_callback (gnutls_session_t session)
         }
       else if (rc == GNUTLS_E_CERTIFICATE_KEY_MISMATCH)
         {
-          print_cert_info(session, GNUTLS_CRT_PRINT_COMPACT, 0);
+          print_cert_info_compact(session);
           fprintf(stderr, "Warning: host %s is known and it is associated with a different key.\n", hostname);
           fprintf(stderr, "It might be that the server has multiple keys, or an attacker replaced the key to eavesdrop this connection .\n");
           if (status == 0)
index c98ad04bf271b444c4ec851ce1ac1f558ed7da10..f35f16f9f7451d8ae84badf443f4ebd3d58d7eec 100644 (file)
@@ -67,7 +67,7 @@ raw_to_string (const unsigned char *raw, size_t raw_size)
 }
 
 static void
-print_x509_info_compact (gnutls_session_t session, int flag)
+print_x509_info_compact (gnutls_session_t session)
 {
     gnutls_x509_crt_t crt;
     const gnutls_datum_t *cert_list;
@@ -94,7 +94,7 @@ print_x509_info_compact (gnutls_session_t session, int flag)
       }
 
     ret =
-      gnutls_x509_crt_print (crt, flag, &cinfo);
+      gnutls_x509_crt_print (crt, GNUTLS_CRT_PRINT_COMPACT, &cinfo);
     if (ret == 0)
       {
         printf ("- X.509 cert: %s\n", cinfo.data);
@@ -112,9 +112,6 @@ print_x509_info (gnutls_session_t session, int flag, int print_cert)
     unsigned int cert_list_size = 0, j;
     int ret;
     
-    if (flag == GNUTLS_CRT_PRINT_COMPACT && print_cert == 0)
-      return print_x509_info_compact(session, flag);
-
     cert_list = gnutls_certificate_get_peers (session, &cert_list_size);
     if (cert_list_size == 0)
       {
@@ -122,8 +119,8 @@ print_x509_info (gnutls_session_t session, int flag, int print_cert)
           return;
       }
 
-    printf (" - Certificate type: X.509\n");
-    printf (" - Got a certificate list of %d certificates.\n",
+    printf ("- Certificate type: X.509\n");
+    printf ("- Got a certificate list of %d certificates.\n",
             cert_list_size);
 
     for (j = 0; j < cert_list_size; j++)
@@ -141,7 +138,7 @@ print_x509_info (gnutls_session_t session, int flag, int print_cert)
                 return;
             }
 
-          printf (" - Certificate[%d] info:\n  - ", j);
+          printf ("- Certificate[%d] info:\n - ", j);
 
           ret =
             gnutls_x509_crt_print (crt, flag, &cinfo);
@@ -292,7 +289,7 @@ verify_openpgp_hostname (gnutls_session_t session, const char *hostname)
 }
 
 static void
-print_openpgp_info_compact (gnutls_session_t session, int flag)
+print_openpgp_info_compact (gnutls_session_t session)
 {
 
     gnutls_openpgp_crt_t crt;
@@ -317,7 +314,7 @@ print_openpgp_info_compact (gnutls_session_t session, int flag)
             }
 
           ret =
-              gnutls_openpgp_crt_print (crt, flag, &cinfo);
+              gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_COMPACT, &cinfo);
           if (ret == 0)
             {
                 printf ("- OpenPGP cert: %s\n", cinfo.data);
@@ -337,10 +334,7 @@ print_openpgp_info (gnutls_session_t session, int flag, int print_cert)
     unsigned int cert_list_size = 0;
     int ret;
 
-    if (flag == GNUTLS_CRT_PRINT_COMPACT && print_cert == 0)
-      print_openpgp_info_compact(session, flag);
-    
-    printf (" - Certificate type: OpenPGP\n");
+    printf ("- Certificate type: OpenPGP\n");
 
     cert_list = gnutls_certificate_get_peers (session, &cert_list_size);
 
@@ -362,7 +356,7 @@ print_openpgp_info (gnutls_session_t session, int flag, int print_cert)
               gnutls_openpgp_crt_print (crt, flag, &cinfo);
           if (ret == 0)
             {
-                printf (" - %s\n", cinfo.data);
+                printf ("- %s\n", cinfo.data);
                 gnutls_free (cinfo.data);
             }
 
@@ -737,6 +731,29 @@ print_cert_info (gnutls_session_t session, int flag, int print_cert)
       }
 }
 
+void
+print_cert_info_compact (gnutls_session_t session)
+{
+
+    if (gnutls_certificate_client_get_request_status (session) != 0)
+        printf ("- Server has requested a certificate.\n");
+
+    switch (gnutls_certificate_type_get (session))
+      {
+      case GNUTLS_CRT_X509:
+          print_x509_info_compact (session);
+          break;
+#ifdef ENABLE_OPENPGP
+      case GNUTLS_CRT_OPENPGP:
+          print_openpgp_info_compact (session);
+          break;
+#endif
+      default:
+          printf ("Unknown type\n");
+          break;
+      }
+}
+
 void
 print_list (const char *priorities, int verbose)
 {
index 1e6ca3735e1398c847d282638873700f776a992d..da42835556e168da74321d6d5f8b66407fa0a68b 100644 (file)
@@ -51,6 +51,8 @@ extern const char str_unknown[];
 
 int print_info (gnutls_session_t state, int print_cert);
 void print_cert_info (gnutls_session_t, int flag, int print_cert);
+void print_cert_info_compact (gnutls_session_t session);
+
 void print_list (const char* priorities, int verbose);
 int cert_verify (gnutls_session_t session, const char* hostname);