int gnutls_x509_name_constraints_init(gnutls_x509_name_constraints_t *nc);
void gnutls_x509_name_constraints_deinit(gnutls_x509_name_constraints_t nc);
+
+#define GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND 1
int gnutls_x509_crt_get_name_constraints(gnutls_x509_crt_t crt,
gnutls_x509_name_constraints_t nc,
- unsigned int append,
+ unsigned int flags,
unsigned int *critical);
int gnutls_x509_name_constraints_add_permitted(gnutls_x509_name_constraints_t nc,
gnutls_x509_subject_alt_name_t type,
* gnutls_x509_crt_get_name_constraints:
* @crt: should contain a #gnutls_x509_crt_t structure
* @nc: The nameconstraints intermediate structure
- * @append: whether the constraints from the certificate will be set or appended
+ * @flags: zero or %GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND
* @critical: the extension status
*
* This function will return an intermediate structure containing
* structure can be used in combination with gnutls_x509_name_constraints_check()
* to verify whether a server's name is in accordance with the constraints.
*
- * When the @append flag is set to 1, then if the @nc structure is empty
+ * When the @flags is set to %GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND, then if
+ * the @nc structure is empty
* this function will behave identically as if the flag was not set.
* Otherwise if there are elements in the @nc structure then only the
* excluded constraints will be appended to the constraints.
**/
int gnutls_x509_crt_get_name_constraints(gnutls_x509_crt_t crt,
gnutls_x509_name_constraints_t nc,
- unsigned int append,
+ unsigned int flags,
unsigned int *critical)
{
int result, ret;
goto cleanup;
}
- if (append == 0 || (nc->permitted == NULL && nc->excluded == NULL)) {
+ if (!(flags & GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND) || (nc->permitted == NULL && nc->excluded == NULL)) {
ret = extract_name_constraints(c2, "permittedSubtrees", &nc->permitted);
if (ret < 0) {
gnutls_assert();
projects / thirdparty / gnutls.git / commitdiff
