[AS_HELP_STRING([--with-default-crl-file=FILE],
[use the given CRL file as default])])
+AC_ARG_WITH([default-blacklist-file],
+ [AS_HELP_STRING([--with-default-blacklist-file=FILE],
+ [use the given certificate blacklist file as default])])
+
if test "x$with_default_trust_store_file" != x; then
AC_DEFINE_UNQUOTED([DEFAULT_TRUST_STORE_FILE],
["$with_default_trust_store_file"], [use the given file default trust store])
["$with_default_crl_file"], [use the given CRL file])
fi
+if test "x$with_default_blacklist_file" != x; then
+ AC_DEFINE_UNQUOTED([DEFAULT_BLACKLIST_FILE],
+ ["$with_default_blacklist_file"], [use the given certificate blacklist file])
+fi
+
dnl Guile bindings.
opt_guile_bindings=yes
AC_MSG_CHECKING([whether building Guile bindings])
Trust store pkcs: $with_default_trust_store_pkcs11
Trust store file: $with_default_trust_store_file
+ Blacklist file: $with_default_blacklist_file
CRL file: $with_default_crl_file
DNSSEC root key file: $unbound_root_key_file
])
r += ret;
#endif
+#ifdef DEFAULT_BLACKLIST_FILE
+ ret = gnutls_x509_trust_list_remove_trust_file(list, DEFAULT_BLACKLIST_FILE, GNUTLS_X509_FMT_PEM);
+ if (ret < 0) {
+ _gnutls_debug_log("Could not load blacklist file '%s'\n", DEFAULT_BLACKLIST_FILE);
+ }
+#endif
+
return r;
}
#elif defined(_WIN32)
CertCloseStore(store, 0);
}
+#ifdef DEFAULT_BLACKLIST_FILE
+ ret = gnutls_x509_trust_list_remove_trust_file(list, DEFAULT_BLACKLIST_FILE, GNUTLS_X509_FMT_PEM);
+ if (ret < 0) {
+ _gnutls_debug_log("Could not load blacklist file '%s'\n", DEFAULT_BLACKLIST_FILE);
+ }
+#endif
+
return r;
}
#elif defined(ANDROID) || defined(__ANDROID__)