Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
gnutls.8596
gnutls-implement-trust-store-dir-3.2.10.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gnutls-implement-trust-store-dir-3.2.10.diff of Package gnutls.8596
Index: gnutls-3.2.10/configure.ac =================================================================== --- gnutls-3.2.10.orig/configure.ac +++ gnutls-3.2.10/configure.ac @@ -466,6 +466,25 @@ if test "$with_default_trust_store_file" with_default_trust_store_file="" fi +AC_ARG_WITH([default-trust-store-dir], + [AS_HELP_STRING([--with-default-trust-store-dir=DIRECTORY], + [use the given directory as default trust store])], with_default_trust_store_dir="$withval", + [if test "$build" = "$host" ; then + for i in \ + /etc/ssl/certs/ + do + if test -e $i ; then + with_default_trust_store_dir="$i" + break + fi + done + fi] +) + +if test "$with_default_trust_store_dir" = "no";then + with_default_trust_store_dir="" +fi + AC_ARG_WITH([default-crl-file], [AS_HELP_STRING([--with-default-crl-file=FILE], [use the given CRL file as default])]) @@ -479,6 +498,11 @@ if test "x$with_default_trust_store_file ["$with_default_trust_store_file"], [use the given file default trust store]) fi +if test "x$with_default_trust_store_dir" != x; then + AC_DEFINE_UNQUOTED([DEFAULT_TRUST_STORE_DIR], + ["$with_default_trust_store_dir"], [use the given directory default trust store]) +fi + if test "x$with_default_crl_file" != x; then AC_DEFINE_UNQUOTED([DEFAULT_CRL_FILE], ["$with_default_crl_file"], [use the given CRL file]) @@ -770,6 +794,7 @@ AC_MSG_NOTICE([System files: Trust store pkcs11: $with_default_trust_store_pkcs11 Trust store file: $with_default_trust_store_file + Trust store dir: $with_default_trust_store_dir Blacklist file: $with_default_blacklist_file CRL file: $with_default_crl_file DNSSEC root key file: $unbound_root_key_file Index: gnutls-3.2.10/lib/system.c =================================================================== --- gnutls-3.2.10.orig/lib/system.c +++ gnutls-3.2.10/lib/system.c @@ -364,7 +364,45 @@ int _gnutls_find_config_path(char *path, return 0; } -#if defined(DEFAULT_TRUST_STORE_FILE) || (defined(DEFAULT_TRUST_STORE_PKCS11) && defined(ENABLE_PKCS11)) +/* Used by both Android code and by Linux TRUST_STORE_DIR /etc/ssl/certs code */ +#if defined(DEFAULT_TRUST_STORE_DIR) || defined(ANDROID) || defined(__ANDROID__) +# include <dirent.h> +# include <unistd.h> +static int load_dir_certs(const char* dirname, gnutls_x509_trust_list_t list, + unsigned int tl_flags, unsigned int tl_vflags, unsigned type) +{ +DIR * dirp; +struct dirent *d; +int ret; +int r = 0; +char path[GNUTLS_PATH_MAX]; + + dirp = opendir(dirname); + if (dirp != NULL) + { + do + { + d = readdir(dirp); + if (d != NULL && d->d_type == DT_REG) + { + snprintf(path, sizeof(path), "%s/%s", dirname, d->d_name); + + ret = gnutls_x509_trust_list_add_trust_file(list, path, NULL, type, tl_flags, tl_vflags); + if (ret >= 0) + r += ret; + } + } + while(d != NULL); + closedir(dirp); + } + + return r; +} +#endif + + +#if defined(DEFAULT_TRUST_STORE_FILE) || (defined(DEFAULT_TRUST_STORE_PKCS11) && defined(ENABLE_PKCS11)) || defined(DEFAULT_TRUST_STORE_DIR) + static int add_system_trust(gnutls_x509_trust_list_t list, @@ -400,6 +438,12 @@ add_system_trust(gnutls_x509_trust_list_ r += ret; #endif +# ifdef DEFAULT_TRUST_STORE_DIR + ret = load_dir_certs(DEFAULT_TRUST_STORE_DIR, list, tl_flags, tl_vflags, GNUTLS_X509_FMT_PEM); + if (ret > 0) + r += ret; +# endif + #ifdef DEFAULT_BLACKLIST_FILE ret = gnutls_x509_trust_list_remove_trust_file(list, DEFAULT_BLACKLIST_FILE, GNUTLS_X509_FMT_PEM); if (ret < 0) { @@ -474,41 +518,6 @@ int add_system_trust(gnutls_x509_trust_l return r; } #elif defined(ANDROID) || defined(__ANDROID__) -#include <dirent.h> -#include <unistd.h> -static int load_dir_certs(const char *dirname, - gnutls_x509_trust_list_t list, - unsigned int tl_flags, unsigned int tl_vflags, - unsigned type) -{ - DIR *dirp; - struct dirent *d; - int ret; - int r = 0; - char path[GNUTLS_PATH_MAX]; - - dirp = opendir(dirname); - if (dirp != NULL) { - do { - d = readdir(dirp); - if (d != NULL && d->d_type == DT_REG) { - snprintf(path, sizeof(path), "%s/%s", - dirname, d->d_name); - - ret = - gnutls_x509_trust_list_add_trust_file - (list, path, NULL, type, tl_flags, - tl_vflags); - if (ret >= 0) - r += ret; - } - } - while (d != NULL); - closedir(dirp); - } - - return r; -} static int load_revoked_certs(gnutls_x509_trust_list_t list, unsigned type) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor