From: Nikos Mavrogiannopoulos Date: Sun, 29 Jan 2012 15:06:38 +0000 (+0100) Subject: Revert "Added gnutls_ocsp_resp_verify() and some sign fixes." X-Git-Tag: gnutls_3_0_13~156 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=870a8a1cbb5276ce08aacec27b4fbe5540e39bcd;p=thirdparty%2Fgnutls.git Revert "Added gnutls_ocsp_resp_verify() and some sign fixes." This reverts commit efaa2ee176568fcd009ff2ca9daa1b7fdac4c491. Conflicts: lib/x509/ocsp.c --- diff --git a/lib/auth/cert.h b/lib/auth/cert.h index 55ff0bdf3c..b0931fb9f8 100644 --- a/lib/auth/cert.h +++ b/lib/auth/cert.h @@ -24,8 +24,8 @@ #define AUTH_CERT_H #include "gnutls_auth.h" #include -#include -#include +#include "x509/x509_int.h" +#include "openpgp/openpgp_int.h" #include #include #include diff --git a/lib/includes/gnutls/ocsp.h b/lib/includes/gnutls/ocsp.h index f2703c0655..89eb673f75 100644 --- a/lib/includes/gnutls/ocsp.h +++ b/lib/includes/gnutls/ocsp.h @@ -220,11 +220,11 @@ extern "C" gnutls_datum_t *issuer_name_hash, gnutls_datum_t *issuer_key_hash, gnutls_datum_t *serial_number, - unsigned int *cert_status, + int *cert_status, time_t *this_update, time_t *next_update, time_t *revocation_time, - unsigned int *revocation_reason); + int *revocation_reason); int gnutls_ocsp_resp_get_extension (gnutls_ocsp_resp_t resp, unsigned indx, gnutls_datum_t *oid, @@ -243,15 +243,11 @@ extern "C" int gnutls_ocsp_resp_verify_direct (gnutls_ocsp_resp_t resp, gnutls_x509_crt_t signercert, unsigned *verify, - unsigned int flags); + int flags); int gnutls_ocsp_resp_verify (gnutls_ocsp_resp_t resp, gnutls_x509_trust_list_t trustlist, unsigned *verify, - unsigned int flags); - int gnutls_ocsp_resp_verify_cred (gnutls_ocsp_resp_t resp, - gnutls_certificate_credentials_t cred, - unsigned *verify, - unsigned int flags); + int flags); #ifdef __cplusplus } diff --git a/lib/libgnutls.map b/lib/libgnutls.map index 98afb7456b..40765f8d54 100644 --- a/lib/libgnutls.map +++ b/lib/libgnutls.map @@ -773,7 +773,6 @@ GNUTLS_3_0_0 { gnutls_priority_ecc_curve_list; gnutls_verify_stored_pubkey; gnutls_store_pubkey; - gnutls_ocsp_resp_verify_cred; } GNUTLS_2_12; GNUTLS_PRIVATE { diff --git a/lib/openpgp/openpgp_int.h b/lib/openpgp/openpgp_int.h index 9f6b3a5212..c412e1ed9b 100644 --- a/lib/openpgp/openpgp_int.h +++ b/lib/openpgp/openpgp_int.h @@ -29,7 +29,7 @@ #ifdef ENABLE_OPENPGP -#include +#include #include #define KEYID_IMPORT(dst, src) { \ diff --git a/lib/x509/ocsp.c b/lib/x509/ocsp.c index cf9b08a948..1a0fa094cd 100644 --- a/lib/x509/ocsp.c +++ b/lib/x509/ocsp.c @@ -32,7 +32,6 @@ #include "verify-high.h" #include -#include typedef struct gnutls_ocsp_req_int { @@ -1332,11 +1331,11 @@ gnutls_ocsp_resp_get_single (gnutls_ocsp_resp_t resp, gnutls_datum_t *issuer_name_hash, gnutls_datum_t *issuer_key_hash, gnutls_datum_t *serial_number, - unsigned int *cert_status, + int *cert_status, time_t *this_update, time_t *next_update, time_t *revocation_time, - unsigned int *revocation_reason) + int *revocation_reason) { gnutls_datum_t sa; char name[ASN1_MAX_NAME_SIZE]; @@ -2158,8 +2157,8 @@ gnutls_ocsp_resp_verify_direct (gnutls_ocsp_resp_t resp, int gnutls_ocsp_resp_verify (gnutls_ocsp_resp_t resp, gnutls_x509_trust_list_t trustlist, - unsigned int *verify, - unsigned int flags) + unsigned *verify, + int flags) { gnutls_x509_crt_t signercert = NULL; int rc; @@ -2243,25 +2242,3 @@ gnutls_ocsp_resp_verify (gnutls_ocsp_resp_t resp, return rc; } - -/** - * gnutls_ocsp_resp_verify_cred: - * @resp: should contain a #gnutls_ocsp_resp_t structure - * @trustlist: the certificate credentials structure - * @verify: output variable with verification status, an #gnutls_ocsp_cert_status_t - * @flags: verification flags, 0 for now. - * - * This function is identical to gnutls_ocsp_resp_verify() but would - * use the trusted anchors from the certificate credentials structure. - * - * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a - * negative error value. - **/ -int -gnutls_ocsp_resp_verify_cred (gnutls_ocsp_resp_t resp, - gnutls_certificate_credentials_t cred, - unsigned int*verify, - unsigned int flags) -{ - return gnutls_ocsp_resp_verify( resp, cred->tlist, verify, flags); -} diff --git a/lib/x509/ocsp_output.c b/lib/x509/ocsp_output.c index 737b227a37..0a0601fee3 100644 --- a/lib/x509/ocsp_output.c +++ b/lib/x509/ocsp_output.c @@ -321,11 +321,11 @@ print_resp (gnutls_buffer_st * str, gnutls_ocsp_resp_t resp, { gnutls_digest_algorithm_t digest; gnutls_datum_t in, ik, sn; - unsigned int cert_status; + int cert_status; time_t this_update; time_t next_update; time_t revocation_time; - unsigned int revocation_reason; + int revocation_reason; ret = gnutls_ocsp_resp_get_single (resp, indx,