/*
 * Produce a request through _generate_request() for the certificate and
 * issuer returned by load_cert()/load_issuer(), passing the caller's nonce
 * through, and write the resulting bytes to outfile.
 *
 * The buffer handed back in the datum is released with gnutls_free() once
 * it has been written.
 *
 * NOTE(review): the fwrite() result is not inspected, so a short write to
 * outfile goes unreported -- confirm that this is acceptable for callers.
 */
static void
generate_request(gnutls_datum_t *nonce)
{
	gnutls_datum_t request;

	_generate_request(load_cert(), load_issuer(), &request, nonce);

	/* Emit the raw bytes exactly as produced; no framing is added here. */
	fwrite(request.data, 1, request.size, outfile);

	gnutls_free(request.data);
}
/*
 * Produce a request through _generate_request() for the certificate and
 * issuer returned by load_cert()/load_issuer() and write the resulting
 * bytes to outfile.  The last argument is the state of the NONCE option.
 *
 * The buffer handed back in the datum is released with gnutls_free() once
 * it has been written.
 *
 * NOTE(review): the fwrite() result is not inspected, so a short write to
 * outfile goes unreported -- confirm that this is acceptable for callers.
 */
static void
generate_request (void)
{
  gnutls_datum_t request;

  _generate_request (load_cert (), load_issuer (), &request,
                     ENABLED_OPT (NONCE));

  /* Emit the raw bytes exactly as produced; no framing is added here. */
  fwrite (request.data, 1, request.size, outfile);

  gnutls_free (request.data);
}
static void test_bad_addresses(void) { void test(const gchar *url) { GByteArray *req; struct gridd_client_s *client; GError *err; req = _generate_request(); client = gridd_client_create_empty(); g_assert(client != NULL); err = gridd_client_request(client, req, NULL, NULL); g_assert(err == NULL); err = gridd_client_connect_url(client, url); g_assert(err != NULL); g_clear_error (&err); g_byte_array_unref(req); gridd_client_free(client); }
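/*
 * OCSP client example.
 *
 * Usage: PROGRAM CERT-FILE ISSUER-FILE SIGNER-FILE [RESPONDER-URL]
 *
 * Loads the three certificates, builds a request with _generate_request(),
 * POSTs it to the responder with libcurl (unless NO_LIBCURL is defined),
 * then passes the collected reply to _response_info() and
 * _verify_response().  The value returned by _verify_response() becomes the
 * process exit status.
 *
 * When no responder URL is given on the command line, the first OCSP URI
 * found in the certificate's authority information access extension is used.
 * That URI comes from the certificate being checked, so it is untrusted
 * input: the program will connect to whatever location the certificate
 * names.  The reply is only as trustworthy as the check performed by
 * _verify_response().
 */
int
main (int argc, char *argv[])
{
  gnutls_datum_t ud, tmp;
  int ret;
  gnutls_datum_t req;
  gnutls_x509_crt_t cert, issuer, signer;
#ifndef NO_LIBCURL
  CURL *handle;
  struct curl_slist *headers = NULL;
#endif
  int v, seq;
  const char *cert_file;
  const char *issuer_file;
  const char *signer_file;
  char *hostname = NULL;
  char *hostname_alloc = NULL;  /* set only when the URL was malloc'ed here */

  /* The three file arguments are mandatory; reading argv[] past argc is
   * undefined behaviour, so reject short command lines up front. */
  if (argc < 4)
    {
      fprintf (stderr,
               "Usage: %s CERT-FILE ISSUER-FILE SIGNER-FILE [RESPONDER-URL]\n",
               argc > 0 ? argv[0] : "program");
      exit (1);
    }

  cert_file = argv[1];
  issuer_file = argv[2];
  signer_file = argv[3];

  gnutls_global_init ();

  if (argc > 4)
    hostname = argv[4];

  cert = load_cert (cert_file);
  issuer = load_cert (issuer_file);
  signer = load_cert (signer_file);

  if (hostname == NULL)
    {
      for (seq = 0;; seq++)
        {
          ret = gnutls_x509_crt_get_authority_info_access (cert, seq,
                                                           GNUTLS_IA_OCSP_URI,
                                                           &tmp, NULL);
          /* Entries of another access method are skipped. */
          if (ret == GNUTLS_E_UNKNOWN_ALGORITHM)
            continue;
          if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
            {
              fprintf (stderr, "No URI was found in the certificate.\n");
              exit (1);
            }
          if (ret < 0)
            {
              fprintf (stderr, "error: %s\n", gnutls_strerror (ret));
              exit (1);
            }

          /* The entry requested is the OCSP responder URI, so label it as
           * such.  "%.*s" takes an int precision, hence the cast. */
          printf ("OCSP responder URI: %.*s\n", (int) tmp.size, tmp.data);

          /* Copy into a NUL-terminated string for libcurl; the datum is not
           * assumed to be terminated. */
          hostname_alloc = malloc ((size_t) tmp.size + 1);
          if (hostname_alloc == NULL)
            {
              fprintf (stderr, "error: out of memory\n");
              exit (1);
            }
          memcpy (hostname_alloc, tmp.data, tmp.size);
          hostname_alloc[tmp.size] = 0;
          hostname = hostname_alloc;

          gnutls_free (tmp.data);
          break;
        }
    }

  /* Note that the OCSP servers hostname might be available
   * using gnutls_x509_crt_get_authority_info_access() in the issuer's
   * certificate */

  memset (&ud, 0, sizeof (ud));
  fprintf (stderr, "Connecting to %s\n", hostname);

  _generate_request (&req, cert, issuer);

#ifndef NO_LIBCURL
  curl_global_init (CURL_GLOBAL_ALL);

  handle = curl_easy_init ();
  if (handle == NULL)
    exit (1);

  headers =
    curl_slist_append (headers, "Content-Type: application/ocsp-request");
  if (headers == NULL)
    {
      /* Without the header the request would go out with curl's default
       * content type. */
      fprintf (stderr, "error: cannot set the request content type\n");
      exit (1);
    }

  curl_easy_setopt (handle, CURLOPT_HTTPHEADER, headers);
  curl_easy_setopt (handle, CURLOPT_POSTFIELDS, (void *) req.data);
  /* CURLOPT_POSTFIELDSIZE is read as a long from the variadic arguments. */
  curl_easy_setopt (handle, CURLOPT_POSTFIELDSIZE, (long) req.size);
  curl_easy_setopt (handle, CURLOPT_URL, hostname);
  curl_easy_setopt (handle, CURLOPT_WRITEFUNCTION, get_data);
  curl_easy_setopt (handle, CURLOPT_WRITEDATA, &ud);

  ret = curl_easy_perform (handle);
  if (ret != 0)
    {
      fprintf (stderr, "curl[%d] error %d\n", __LINE__, ret);
      exit (1);
    }

  curl_easy_cleanup (handle);
  /* The header list must outlive the transfer, so release it only now. */
  curl_slist_free_all (headers);
  curl_global_cleanup ();
#endif

  _response_info (&ud);

  v = _verify_response (&ud, cert, signer);

  /* NOTE(review): req.data and ud.data are not released here because their
   * allocators are not visible in this function -- confirm against
   * _generate_request() and get_data(). */
  free (hostname_alloc);

  gnutls_x509_crt_deinit (cert);
  gnutls_x509_crt_deinit (issuer);
  gnutls_x509_crt_deinit (signer);
  gnutls_global_deinit ();

  return v;
}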