From: Nikos Mavrogiannopoulos Date: Tue, 5 Mar 2013 15:01:20 +0000 (+0100) Subject: Revert "When making the hash list of the CAs avoid calling get_raw_*_dn() which is... X-Git-Tag: gnutls_3_1_10~59 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=291a467dbf4dd7576f899470c338bdd1bb483f02;p=thirdparty%2Fgnutls.git Revert "When making the hash list of the CAs avoid calling get_raw_*_dn() which is very costly." This reverts commit 1b7d66354e9b4d174b58233f4dd8ab46a1d45f14. --- diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c index b8f247da2e..fc59495198 100644 --- a/lib/x509/verify-high.c +++ b/lib/x509/verify-high.c @@ -164,7 +164,7 @@ gnutls_x509_trust_list_add_cas(gnutls_x509_trust_list_t list, uint32_t hash; for (i = 0; i < clist_size; i++) { - ret = gnutls_x509_crt_get_dn2(clist[i], &dn); + ret = gnutls_x509_crt_get_raw_dn(clist[i], &dn); if (ret < 0) { gnutls_assert(); return i; @@ -230,7 +230,7 @@ gnutls_x509_trust_list_add_named_crt(gnutls_x509_trust_list_t list, if (name_size >= MAX_SERVER_NAME_SIZE) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); - ret = gnutls_x509_crt_get_issuer_dn2(cert, &dn); + ret = gnutls_x509_crt_get_raw_issuer_dn(cert, &dn); if (ret < 0) { gnutls_assert(); return ret; @@ -298,7 +298,7 @@ gnutls_x509_trust_list_add_crls(gnutls_x509_trust_list_t list, return 0; for (i = 0; i < crl_size; i++) { - ret = gnutls_x509_crl_get_issuer_dn2(crl_list[i], &dn); + ret = gnutls_x509_crl_get_raw_issuer_dn(crl_list[i], &dn); if (ret < 0) { gnutls_assert(); return i; @@ -377,7 +377,7 @@ static int shorten_clist(gnutls_x509_trust_list_t list, * self-signed E but already removed above), and we trust B, remove * B, C and D. */ for (i = 1; i < clist_size; i++) { - ret = gnutls_x509_crt_get_issuer_dn2(certificate_list[i], &dn); + ret = gnutls_x509_crt_get_raw_issuer_dn(certificate_list[i], &dn); if (ret < 0) { gnutls_assert(); return ret; @@ -492,7 +492,7 @@ int gnutls_x509_trust_list_get_issuer(gnutls_x509_trust_list_t list, unsigned int i; uint32_t hash; - ret = gnutls_x509_crt_get_issuer_dn2(cert, &dn); + ret = gnutls_x509_crt_get_raw_issuer_dn(cert, &dn); if (ret < 0) { gnutls_assert(); return ret; @@ -561,7 +561,7 @@ gnutls_x509_trust_list_verify_crt(gnutls_x509_trust_list_t list, return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); ret = - gnutls_x509_crt_get_issuer_dn2(cert_list[cert_list_size - 1], + gnutls_x509_crt_get_raw_issuer_dn(cert_list[cert_list_size - 1], &dn); if (ret < 0) { gnutls_assert(); @@ -596,7 +596,7 @@ gnutls_x509_trust_list_verify_crt(gnutls_x509_trust_list_t list, } for (i = 0; i < cert_list_size - 1; i++) { - ret = gnutls_x509_crt_get_issuer_dn2(cert_list[i], &dn); + ret = gnutls_x509_crt_get_raw_issuer_dn(cert_list[i], &dn); if (ret < 0) { gnutls_assert(); return ret; @@ -655,7 +655,7 @@ gnutls_x509_trust_list_verify_named_crt(gnutls_x509_trust_list_t list, unsigned int i; uint32_t hash; - ret = gnutls_x509_crt_get_issuer_dn2(cert, &dn); + ret = gnutls_x509_crt_get_raw_issuer_dn(cert, &dn); if (ret < 0) { gnutls_assert(); return ret; @@ -708,7 +708,7 @@ _gnutls_trustlist_inlist (gnutls_x509_trust_list_t list, unsigned int i; uint32_t hash; - ret = gnutls_x509_crt_get_dn2 (cert, &dn); + ret = gnutls_x509_crt_get_raw_dn (cert, &dn); if (ret < 0) { gnutls_assert();