Export profile ID/name handling functions
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Wed, 18 Dec 2019 13:29:21 +0000 (14:29 +0100)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Thu, 19 Dec 2019 19:13:06 +0000 (20:13 +0100)
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
lib/includes/gnutls/x509.h
lib/libgnutls.map
lib/priority.c
lib/profiles.c
lib/profiles.h
tests/Makefile.am
tests/gnutls-ids.c [new file with mode: 0644]
tests/gnutls-strcodes.c

index 57ca4502f77d2b9ccccdd4deee080afe0712b4b5..6807271b2a4f0d532be7688054b42969c155af63 100644 (file)
@@ -1033,6 +1033,9 @@ typedef enum gnutls_certificate_verification_profiles_t {
 #define GNUTLS_VFLAGS_TO_PROFILE(x) \
        ((((unsigned)x)>>24)&0xff)
 
+const char *
+       gnutls_certificate_verification_profile_get_name(gnutls_certificate_verification_profiles_t id) __GNUTLS_CONST__;
+gnutls_certificate_verification_profiles_t gnutls_certificate_verification_profile_get_id(const char *name) __GNUTLS_CONST__;
 
 unsigned gnutls_x509_crt_check_issuer(gnutls_x509_crt_t cert,
                                 gnutls_x509_crt_t issuer);
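Review bot: `gnutls_certificate_verification_profile_get_id()` is declared `__GNUTLS_CONST__` although it takes a `const char *` and compares the bytes it points to; the internal prototype this commit removes from lib/profiles.h used `__GNUTLS_PURE__`. If `__GNUTLS_CONST__` expands to GCC's `const` function attribute, as the name suggests, the compiler may assume the result depends only on the pointer value and reuse an earlier result after the buffer's contents have changed. For a lookup that parses the `min-verification-profile` setting, that could select the wrong profile. I would keep the attribute the internal function had: `gnutls_certificate_verification_profiles_t gnutls_certificate_verification_profile_get_id(const char *name) __GNUTLS_PURE__;`. The `get_name` prototype takes its argument by value and only reads a table, so `__GNUTLS_CONST__` looks acceptable there provided the table is never modified at run time.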
index 6e1da857f60b2b46b5c8a0be207c39c4f56f7487..ea84a1470d4dbc1c382258204317fa70eaca28f4 100644 (file)
@@ -1301,6 +1301,13 @@ GNUTLS_3_6_10
        gnutls_aead_cipher_decryptv2;
 } GNUTLS_3_6_9;
 
+GNUTLS_3_6_12
+{
+ global:
+       gnutls_certificate_verification_profile_get_name;
+       gnutls_certificate_verification_profile_get_id;
+} GNUTLS_3_6_10;
+
 GNUTLS_FIPS140_3_4 {
   global:
        gnutls_cipher_self_test;
index 822874a76fca805371a871fa12fd2d5687451733..165d07d0cb3e5378b41511bc2174dfc87ef4dde7 100644 (file)
@@ -1088,7 +1088,7 @@ static int cfg_ini_handler(void *_ctx, const char *section, const char *name, co
                        }
                } else if (c_strcasecmp(name, "min-verification-profile")==0) {
                        gnutls_certificate_verification_profiles_t profile;
-                       profile = _gnutls_profile_get_id(value);
+                       profile = gnutls_certificate_verification_profile_get_id(value);
 
                        if (profile == GNUTLS_PROFILE_UNKNOWN) {
                                _gnutls_debug_log("cfg: found unknown profile %s in %s\n",
index 729ae51a0d96c9117ab973e396099fe734b665ad..d74cc2caaa50d47e3c2795ec52495a7b4f1757c4 100644 (file)
@@ -58,17 +58,48 @@ gnutls_sec_param_t _gnutls_profile_to_sec_level(gnutls_certificate_verification_
        return GNUTLS_SEC_PARAM_UNKNOWN;
 }
 
-gnutls_certificate_verification_profiles_t _gnutls_profile_get_id(const char *name)
+/**
+ * gnutls_certificate_verification_profile_get_id:
+ * @name: is a profile name
+ *
+ * Convert a string to a #gnutls_certificate_verification_profiles_t value.  The names are
+ * compared in a case insensitive way.
+ *
+ * Returns: a #gnutls_certificate_verification_profiles_t id of the specified profile,
+ *   or %GNUTLS_PROFILE_UNKNOWN on failure.
+ **/
+gnutls_certificate_verification_profiles_t gnutls_certificate_verification_profile_get_id(const char *name)
 {
        const gnutls_profile_entry *p;
 
        if (name == NULL)
                return GNUTLS_PROFILE_UNKNOWN;
 
-       for(p = profiles; p->name != NULL; p++) {
+       for (p = profiles; p->name != NULL; p++) {
                if (c_strcasecmp(p->name, name) == 0)
                        return p->profile;
        }
 
        return GNUTLS_PROFILE_UNKNOWN;
 }
+
+/**
+ * gnutls_certificate_verification_profile_get_name:
+ * @id: is a profile ID
+ *
+ * Convert a #gnutls_certificate_verification_profiles_t value to a string.
+ *
+ * Returns: a string that contains the name of the specified profile or %NULL.
+ **/
+const char *
+gnutls_certificate_verification_profile_get_name(gnutls_certificate_verification_profiles_t id)
+{
+       const gnutls_profile_entry *p;
+
+       for (p = profiles; p->name != NULL; p++) {
+               if (p->profile == id)
+                       return p->name;
+       }
+
+       return NULL;
+}
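Review bot: The doc comment for `gnutls_certificate_verification_profile_get_name()` does not say when %NULL is returned or who owns the returned string. From the loop, %NULL comes back for any id without an entry in the `profiles` table, and the returned pointer is the table's own `p->name`, so I would extend the line to something like `Returns: the name of the specified profile as a string owned by the library, which must not be freed or modified, or %NULL if @id is not a known profile.` Both new comments also lack a `Since:` line; the symbols are exported under `GNUTLS_3_6_12` in lib/libgnutls.map, so `Since: 3.6.12` would fit. For `gnutls_certificate_verification_profile_get_id()` it is worth stating that callers must treat %GNUTLS_PROFILE_UNKNOWN as a parse error and not pass it on as a verification profile.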
index d5c35d2f96734058ef142804d29cf4d908b650c2..ee49f9b08f2672b9021d4fad499ac8af7de6b47b 100644 (file)
@@ -26,7 +26,6 @@
 #include <gnutls/gnutls.h>
 #include <gnutls/x509.h>
 
-gnutls_certificate_verification_profiles_t _gnutls_profile_get_id(const char *name) __GNUTLS_PURE__;
 gnutls_sec_param_t _gnutls_profile_to_sec_level(gnutls_certificate_verification_profiles_t profile) __GNUTLS_PURE__;
 
 gnutls_certificate_verification_profiles_t _gnutls_get_system_wide_verification_profile(void);
index d3ae2a5df7ece82cc211c0a864b2ada48b6f41db..2e46290410315bc885977a8f31d39c910e260e69 100644 (file)
@@ -179,7 +179,7 @@ ctests += mini-record-2 simple gnutls_hmac_fast set_pkcs12_cred cert certuniquei
         fallback-scsv pkcs8-key-decode urls dtls-rehandshake-cert rfc7633-ok \
         key-usage-rsa key-usage-ecdhe-rsa mini-session-verify-function auto-verify \
         record-timeouts mini-dtls-hello-verify-48 set-default-prio \
-        tls12-anon-upgrade tlsext-decoding rsa-psk-cb \
+        tls12-anon-upgrade tlsext-decoding rsa-psk-cb gnutls-ids \
         rehandshake-switch-cert rehandshake-switch-cert-allow rehandshake-switch-cert-client \
         rehandshake-switch-cert-client-allow handshake-versions dtls-handshake-versions \
         dtls-max-record tls12-max-record alpn-server-prec ocsp-filename-memleak \
diff --git a/tests/gnutls-ids.c b/tests/gnutls-ids.c
new file mode 100644 (file)
index 0000000..f1ee912
--- /dev/null
@@ -0,0 +1,45 @@
+/*
+ * Copyright (C) 2017 Red Hat
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * GnuTLS is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuTLS is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GnuTLS; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/dane.h>
+#include <assert.h>
+
+#include "utils.h"
+
+void doit(void)
+{
+       assert(gnutls_certificate_verification_profile_get_id("very weak") == GNUTLS_PROFILE_VERY_WEAK);
+       assert(gnutls_certificate_verification_profile_get_id("low") == GNUTLS_PROFILE_LOW);
+       assert(gnutls_certificate_verification_profile_get_id("legacy") == GNUTLS_PROFILE_LEGACY);
+       assert(gnutls_certificate_verification_profile_get_id("MedIum") == GNUTLS_PROFILE_MEDIUM);
+       assert(gnutls_certificate_verification_profile_get_id("ultra") == GNUTLS_PROFILE_ULTRA);
+       assert(gnutls_certificate_verification_profile_get_id("future") == GNUTLS_PROFILE_FUTURE);
+       assert(gnutls_certificate_verification_profile_get_id("xxx") == GNUTLS_PROFILE_UNKNOWN);
+}
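Review bot: The new test never looks up "high" and never passes NULL, although `GNUTLS_PROFILE_HIGH` is exercised by the name test in tests/gnutls-strcodes.c and the NULL guard is an explicit branch in `gnutls_certificate_verification_profile_get_id()`. Assuming the table names that profile "high", I would add `assert(gnutls_certificate_verification_profile_get_id("high") == GNUTLS_PROFILE_HIGH);` and `assert(gnutls_certificate_verification_profile_get_id(NULL) == GNUTLS_PROFILE_UNKNOWN);`. The tests/gnutls-strcodes.c hunk has the mirror-image gap: it checks six ids but not `GNUTLS_PROFILE_FUTURE`, which this file does map from "future". The file also includes `<gnutls/dane.h>`, which nothing here uses, while the prototypes under test are added to `<gnutls/x509.h>`; including that header directly would avoid relying on it being pulled in indirectly.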
index 294fcac2037b99915473e74cd4fbac63d5d00489..0d3f14b6004bb2b73df7f32e18c24e934c81f519 100644 (file)
@@ -115,6 +115,13 @@ void doit(void)
                check_non_null(gnutls_sec_param_get_name(i));
        }
 
+       check_non_null(gnutls_certificate_verification_profile_get_name(GNUTLS_PROFILE_VERY_WEAK));
+       check_non_null(gnutls_certificate_verification_profile_get_name(GNUTLS_PROFILE_LOW));
+       check_non_null(gnutls_certificate_verification_profile_get_name(GNUTLS_PROFILE_LEGACY));
+       check_non_null(gnutls_certificate_verification_profile_get_name(GNUTLS_PROFILE_MEDIUM));
+       check_non_null(gnutls_certificate_verification_profile_get_name(GNUTLS_PROFILE_HIGH));
+       check_non_null(gnutls_certificate_verification_profile_get_name(GNUTLS_PROFILE_ULTRA));
+
        for (i=GNUTLS_ECC_CURVE_INVALID+1;i<=GNUTLS_ECC_CURVE_MAX;i++) {
                if (_gnutls_ecc_curve_is_supported(i) == 0)
                        continue;