/**
 * gnutls_x509_trust_list_add_trust_mem:
 * @list: The list
 * @cas: A buffer containing a list of CAs (optional)
 * @crls: A buffer containing a list of CRLs (optional)
 * @type: The format of the certificates
 * @tl_flags: flags from %gnutls_trust_list_flags_t
 * @tl_vflags: gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL
 *
 * This function will import the certificate authorities in @cas and
 * the CRLs in @crls and add them to the trusted list. A buffer that
 * is %NULL, or whose data pointer is %NULL, is skipped. CRLs are
 * always added with %GNUTLS_TL_NO_DUPLICATES set in addition to
 * @tl_flags.
 *
 * The CAs are processed before the CRLs. If the CRL step fails, the
 * error is returned but the CAs added by this call are not removed
 * from @list, so callers should treat a negative return as "list may
 * be partially updated".
 *
 * Returns: The number of added elements (CAs plus CRLs) on success;
 *   if an import or add step fails, the negative value reported by
 *   that step is returned instead.
 *
 * Since: 3.1
 **/
int
gnutls_x509_trust_list_add_trust_mem(gnutls_x509_trust_list_t list,
				     const gnutls_datum_t * cas,
				     const gnutls_datum_t * crls,
				     gnutls_x509_crt_fmt_t type,
				     unsigned int tl_flags,
				     unsigned int tl_vflags)
{
	unsigned int added = 0;
	int rc;

	if (cas != NULL && cas->data != NULL) {
		gnutls_x509_crt_t *ca_array = NULL;
		unsigned int ca_count;

		rc = gnutls_x509_crt_list_import2(&ca_array, &ca_count,
						  cas, type, 0);
		if (rc < 0)
			return gnutls_assert_val(rc);

		rc = gnutls_x509_trust_list_add_cas(list, ca_array,
						    ca_count, tl_flags);
		/* Only the array is released here, whether or not the add
		 * succeeded. NOTE(review): presumably the certificates
		 * themselves are now owned by the list - confirm against
		 * gnutls_x509_trust_list_add_cas(). */
		gnutls_free(ca_array);
		if (rc < 0)
			return gnutls_assert_val(rc);

		added += rc;
	}

	if (crls != NULL && crls->data != NULL) {
		gnutls_x509_crl_t *crl_array = NULL;
		unsigned int crl_count;

		rc = gnutls_x509_crl_list_import2(&crl_array, &crl_count,
						  crls, type, 0);
		if (rc < 0)
			return gnutls_assert_val(rc);

		/* Duplicate suppression is forced for CRLs regardless of
		 * what the caller passed in tl_flags. */
		rc = gnutls_x509_trust_list_add_crls(list, crl_array,
						     crl_count,
						     tl_flags |
						     GNUTLS_TL_NO_DUPLICATES,
						     tl_vflags);
		gnutls_free(crl_array);
		if (rc < 0)
			return gnutls_assert_val(rc);

		added += rc;
	}

	return added;
}
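/*
 * Loads the PEM-encoded CRL list from the file named by info->crl.
 *
 * mand:     when non-zero, a missing info->crl is fatal ("missing
 *           --load-crl"); when zero, NULL is returned instead.
 * crl_size: receives the number of CRLs imported; it is reset to 0 on
 *           entry, so it is 0 whenever NULL is returned.
 * info:     supplies the file name (info->crl) and the verbose flag.
 *
 * Returns the array filled in by gnutls_x509_crl_list_import2(), or
 * NULL when no CRL file was configured and mand is zero. Every failure
 * (open, read, import) prints a message to stderr and calls exit(1).
 *
 * The array pointer is kept in a function-static variable: a later
 * call overwrites it, and the earlier array is not released here.
 */
gnutls_x509_crl_t *load_crl_list(int mand, size_t * crl_size,
				 common_info_st * info)
{
	FILE *fd;
	static gnutls_x509_crl_t *crl;
	unsigned int crl_max;
	int ret;
	int read_failed;
	gnutls_datum_t dat;
	size_t size;

	*crl_size = 0;
	if (info->verbose)
		fprintf(stderr, "Loading CRL list...\n");

	if (info->crl == NULL) {
		if (mand) {
			fprintf(stderr, "missing --load-crl\n");
			exit(1);
		}
		return NULL;
	}

	fd = fopen(info->crl, "r");
	if (fd == NULL) {
		fprintf(stderr, "Could not open %s\n", info->crl);
		exit(1);
	}

	/* NOTE(review): fix_lbuffer(), lbuffer and lbuffer_size are defined
	 * elsewhere; this assumes the call leaves lbuffer_size >= 1 so the
	 * read length and the terminator index below stay in bounds. */
	fix_lbuffer(file_size(fd));

	size = fread(lbuffer, 1, lbuffer_size - 1, fd);
	/* Capture the stream error state before closing it. */
	read_failed = ferror(fd);
	lbuffer[size] = 0;
	fclose(fd);

	/* Fail closed on an I/O error: a short read would otherwise hand a
	 * truncated buffer to the parser, and revocation data that was cut
	 * off could go missing without any diagnostic. */
	if (read_failed) {
		fprintf(stderr, "Error reading %s\n", info->crl);
		exit(1);
	}

	dat.data = (void *) lbuffer;
	dat.size = size;

	ret = gnutls_x509_crl_list_import2(&crl, &crl_max, &dat,
					   GNUTLS_X509_FMT_PEM, 0);
	if (ret < 0) {
		fprintf(stderr, "Error loading CRLs: %s\n",
			gnutls_strerror(ret));
		exit(1);
	}

	*crl_size = crl_max;

	if (info->verbose)
		fprintf(stderr, "Loaded %d CRLs.\n", (int) *crl_size);

	return crl;
}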