Added gnutls_x509_crt_set_tlsfeatures

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h
index 6f69617b3dd1b8afefb9ce0f4571af355b051e0c..de2ad541356964821c1c0c7b1e1bc286b6695dd4 100644 (file)
--- a/lib/includes/gnutls/x509.h
+++ b/lib/includes/gnutls/x509.h
@@ -462,6 +462,9 @@ int gnutls_x509_tlsfeatures_init(gnutls_x509_tlsfeatures_t *features);
 void gnutls_x509_tlsfeatures_deinit(gnutls_x509_tlsfeatures_t);
 int gnutls_x509_tlsfeatures_get(gnutls_x509_tlsfeatures_t f, unsigned idx, unsigned int *feature);
 
+int gnutls_x509_crt_set_tlsfeatures(gnutls_x509_crt_t crt,
+                                   gnutls_x509_tlsfeatures_t features);
+
 int gnutls_x509_crt_get_tlsfeatures(gnutls_x509_crt_t cert,
                                                                   gnutls_x509_tlsfeatures_t * features);
 

diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index 16cc6be45d1815f714056ab718490ddedadfc1b1..3574e77c77f347fd50b8f14d2274ed26541c4d5b 100644 (file)
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -2121,7 +2121,7 @@ int gnutls_x509_tlsfeatures_get(gnutls_x509_tlsfeatures_t f, unsigned idx, unsig
  *   features will be stored in this variable.
  *
  * This function will get the X.509 TLS features
- * extention structure from the certificate. The
+ * extension structure from the certificate. The
  * returned structure needs to be freed using
  * gnutls_x509_tlsfeatures_deinit().
  *

diff --git a/lib/x509/x509_write.c b/lib/x509/x509_write.c
index 797237719a41b85c432cdac3ccb02483d226662d..03989b1a8c65bde07a979dd7bf0a3f29bcdfd36b 100644 (file)
--- a/lib/x509/x509_write.c
+++ b/lib/x509/x509_write.c
@@ -1880,3 +1880,45 @@ gnutls_x509_crt_set_policy(gnutls_x509_crt_t crt,
 
        return ret;
 }
+
+/**
+ * gnutls_x509_crt_set_tlsfeatures:
+ * @crt: A X.509 certificate
+ * @features: If the function succeeds, the
+ *   features will be added to the certificate.
+ *
+ * This function will set the certificates
+ * X.509 TLS extention from the given structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error value.
+ *
+ * Since: TBD
+ **/
+int gnutls_x509_crt_set_tlsfeatures(gnutls_x509_crt_t crt,
+                                   gnutls_x509_tlsfeatures_t features)
+{
+       int ret;
+       gnutls_datum_t der;
+
+       if (crt == NULL || features == NULL) {
+               gnutls_assert();
+               return GNUTLS_E_INVALID_REQUEST;
+       }
+
+       ret = gnutls_x509_ext_export_tlsfeatures(features, &der);
+       if (ret < 0) {
+               gnutls_assert();
+               return ret;
+       }
+
+       ret = _gnutls_x509_crt_set_extension(crt, GNUTLS_X509EXT_OID_TLSFEATURES, &der, 0);
+
+       _gnutls_free_datum(&der);
+
+       if (ret < 0) {
+               gnutls_assert();
+       }
+
+       return ret;
+}