[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
upgrading from 2 to 3: gnutls_certificate_get_x509_c{a,rl}s
From: |
Thomas Klausner |
Subject: |
upgrading from 2 to 3: gnutls_certificate_get_x509_c{a,rl}s |
Date: |
Fri, 17 Aug 2012 21:31:42 +0200 |
Hi!
First off: I know nothing about gnutls except what I can google
together. I'm looking at compiling freeDiameter-1.1.2 on my system,
which has gnutls-3.0.22 installed.
It doesn't compile because of
../libfdcore/libfdcore.so.1.1.2: undefined reference to
`gnutls_certificate_get_x509_crls'
../libfdcore/libfdcore.so.1.1.2: undefined reference to
`gnutls_certificate_get_x509_cas'
I found
http://www.gnu.org/software/gnutls/manual/html_node/Upgrading-from-previous-versions.html
which says:
gnutls_certificate_get_x509_crls, gnutls_certificate_get_x509_cas:
Removed to allow updating the internal structures. Replaced by
gnutls_certificate_get_issuer.
The code looks like this:
GNUTLS_TRACE( gnutls_certificate_get_x509_cas
(fd_g_config->cnf_sec_data.credentials, &CA_list, (unsigned int *)
&CA_list_length) );
GNUTLS_TRACE( gnutls_certificate_get_x509_crls
(fd_g_config->cnf_sec_data.credentials, &CRL_list, (unsigned int *)
&CRL_list_length) );
CHECK_GNUTLS_DO( gnutls_x509_crt_list_verify(certs, cert_max,
CA_list, CA_list_length, CRL_list, CRL_list_length, 0, &verify),
{
TRACE_DEBUG(INFO, "Failed to verify the local
certificate '%s' against local credentials. Please check your certificate is
valid.", fd_g_config->cnf_sec_data.cert_file);
return EINVAL;
} );
I don't see how I can replace gnutls_certificate_get_x509_cas and
gnutls_certificate_get_x509_crls with gnutls_certificate_get_issuer
here because gnutls_x509_crt_list_verify needs CA_list and CRL_list
filled out by the two functions.
Please advise.
If we come up with a fix, the next question will be what you recommend
on keeping code backwards compatible with gnutls-2.
Thanks,
Thomas
- upgrading from 2 to 3: gnutls_certificate_get_x509_c{a,rl}s,
Thomas Klausner <=