From: Nikos Mavrogiannopoulos Date: Fri, 10 Feb 2012 14:50:49 +0000 (+0100) Subject: updated documentation for back-end. X-Git-Tag: gnutls_3_0_13~70 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=9c08f32155f539d208f0addbc0e4f207a0bc7892;p=thirdparty%2Fgnutls.git updated documentation for back-end. --- diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi index a2656ad94d..d32be0daf0 100644 --- a/doc/cha-cert-auth.texi +++ b/doc/cha-cert-auth.texi @@ -293,6 +293,28 @@ shown in @ref{Simple client example with SSH-style certificate verification}. @showfuncdesc{gnutls_verify_stored_pubkey} @showfuncdesc{gnutls_store_pubkey} +The storage and verification functions may be used with the default +text file based backend, or another backend may be specified. Such +backend should contain a storage and a retrieval function. The format +of those functions is shown below. +@example + typedef int (*gnutls_trust_db_store_func) (const char* db_name, + const char* host, + const char* service, + time_t expiration, + const gnutls_datum_t* pubkey); + + typedef int (*gnutls_trust_db_retr_func) (const char* db_name, + const char* host, + const char* service, + const gnutls_datum_t *pubkey); + + typedef struct { + gnutls_trust_db_store_func store; + gnutls_trust_db_retr_func retrieve; + } trust_storage_st; +@end example + @node OpenPGP certificates @section @acronym{OpenPGP} certificates @cindex OpenPGP certificates diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 183ac946bd..c285427014 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -1677,7 +1677,7 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); gnutls_trust_db_store_func store; gnutls_trust_db_retr_func retrieve; } trust_storage_st; - + int gnutls_verify_stored_pubkey(const char* db_name, const trust_storage_st * tdb, const char* host, diff --git a/lib/verify-ssh.c b/lib/verify-ssh.c index 1f5320342c..9135b41a50 100644 --- a/lib/verify-ssh.c +++ b/lib/verify-ssh.c @@ -68,12 +68,12 @@ static const trust_storage_st default_storage = * a list of stored public keys. The @service field if non-NULL should * be a port number. * - * The @tdb variable if non-null specifies a custom back-end for + * The @tdb variable if non-null specifies a custom backend for * the storage and retrieval of entries. If it is NULL then the - * default file back-end will be used. In POSIX-like systems the - * file back-end uses the $HOME/.gnutls/known_hosts file. + * default file backend will be used. In POSIX-like systems the + * file backend uses the $HOME/.gnutls/known_hosts file. * - * Note that if the custom storage back-end is provided the + * Note that if the custom storage backend is provided the * retrieval function should return %GNUTLS_E_CERTIFICATE_KEY_MISMATCH * if the host/service pair is found but key doesn't match, * %GNUTLS_E_NO_CERTIFICATE_FOUND if no such host/service with @@ -439,9 +439,9 @@ FILE* fd; * the list of stored public keys. The key will be considered valid until * the provided expiration time. * - * The @tdb variable if non-null specifies a custom back-end for + * The @tdb variable if non-null specifies a custom backend for * the storage and retrieval of entries. If it is NULL then the - * default file back-end will be used. + * default file backend will be used. * * Note that this function is not thread safe with the default backend. *