]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
Test the return code of gnutls_x509_trust_list_add_trust_file() when loading a PKCS...
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 16 Jun 2014 09:30:13 +0000 (11:30 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 16 Jun 2014 09:30:15 +0000 (11:30 +0200)
Check whether the return code of gnutls_x509_trust_list_add_trust_file() is non-zero
when certificates are present.

tests/suite/pkcs11-chainverify.c

index 2aebcf5967d28222163728753da612468769d7ee..4c1106cdedf1d470d09ff57dae68cd4c14be5430 100644 (file)
@@ -225,7 +225,9 @@ void doit(void)
                }
 
                /* write CA certificate to softhsm */
-               ret = gnutls_pkcs11_copy_x509_crt(URL, ca, "test-ca", GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED|GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO);
+               ret = gnutls_pkcs11_copy_x509_crt(URL, ca, "test-ca", GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED|
+                       GNUTLS_PKCS11_OBJ_FLAG_MARK_CA|
+                       GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO);
                if (ret < 0) {
                        fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret));
                        exit(1);
@@ -235,7 +237,12 @@ void doit(void)
 
                ret = gnutls_x509_trust_list_add_trust_file(tl, URL, NULL, 0, 0, 0);
                if (ret < 0) {
-                       fail("gnutls_x509_trust_list_add_trust_file\n");
+                       fail("gnutls_x509_trust_list_add_trust_file: %s\n", gnutls_strerror(ret));
+                       exit(1);
+               }
+
+               if (ret < 1) {
+                       fail("gnutls_x509_trust_list_add_trust_file returned zero!\n");
                        exit(1);
                }