certtool: load_ca_cert() can load a CA from URLs

author Nikos Mavrogiannopoulos <nmav@redhat.com>

Fri, 9 Dec 2016 14:44:20 +0000 (15:44 +0100)

committer Nikos Mavrogiannopoulos <nmav@gnutls.org>

Mon, 19 Dec 2016 17:37:22 +0000 (18:37 +0100)
author Nikos Mavrogiannopoulos <nmav@redhat.com>
Fri, 9 Dec 2016 14:44:20 +0000 (15:44 +0100)
committer Nikos Mavrogiannopoulos <nmav@gnutls.org>
Mon, 19 Dec 2016 17:37:22 +0000 (18:37 +0100)
diff --git a/src/certtool-common.c b/src/certtool-common.c

index 04af0e94299454a5a9883bde5ad9fd7b7899471c..85196629bf92ce28331fa075f353f7310852971f 100644 (file)
--- a/src/certtool-common.c
+++ b/src/certtool-common.c
@@ -590,6 +590,16 @@ gnutls_x509_crt_t load_ca_cert(unsigned mand, common_info_st * info)
                 exit(1);
         }
  
+       if (gnutls_url_is_supported(info->ca) != 0) {
+               ret = gnutls_x509_crt_import_url(crt, info->ca, 0);
+               if (ret < 0) {
+                       fprintf(stderr, "error importing --load-ca-certificate: %s: %s\n",
+                               info->ca, gnutls_strerror(ret));
+                       exit(1);
+               }
+               return crt;
+       }
+
         dat.data = (void *) read_binary_file(info->ca, &size);
         dat.size = size;
  
@@ -602,7 +612,7 @@ gnutls_x509_crt_t load_ca_cert(unsigned mand, common_info_st * info)
         ret = gnutls_x509_crt_import(crt, &dat, info->incert_format);
         free(dat.data);
         if (ret < 0) {
-               fprintf(stderr, "importing --load-ca-certificate: %s: %s\n",
+               fprintf(stderr, "error importing --load-ca-certificate: %s: %s\n",
                         info->ca, gnutls_strerror(ret));
                 exit(1);
         }
author	Nikos Mavrogiannopoulos <nmav@redhat.com>
	Fri, 9 Dec 2016 14:44:20 +0000 (15:44 +0100)
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>
	Mon, 19 Dec 2016 17:37:22 +0000 (18:37 +0100)