Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openeuler
libvirt
提交
4d349ef7
L
libvirt
项目概览
openeuler
/
libvirt
通知
3
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
L
libvirt
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
4d349ef7
编写于
7月 26, 2011
作者:
D
Daniel P. Berrange
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Fix build with gnutls 1.0.x branch
上级
a4b4b6aa
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
16 addition
and
1 deletion
+16
-1
src/rpc/virnettlscontext.c
src/rpc/virnettlscontext.c
+15
-0
tests/virnettlscontexttest.c
tests/virnettlscontexttest.c
+1
-1
未找到文件。
src/rpc/virnettlscontext.c
浏览文件 @
4d349ef7
...
...
@@ -139,6 +139,15 @@ static int virNetTLSContextCheckCertTimes(gnutls_x509_crt_t cert,
return
0
;
}
#ifndef GNUTLS_1_0_COMPAT
/*
* The gnutls_x509_crt_get_basic_constraints function isn't
* available in GNUTLS 1.0.x branches. This isn't critical
* though, since gnutls_certificate_verify_peers2 will do
* pretty much the same check at runtime, so we can just
* disable this code
*/
static
int
virNetTLSContextCheckCertBasicConstraints
(
gnutls_x509_crt_t
cert
,
const
char
*
certFile
,
bool
isServer
,
...
...
@@ -180,6 +189,8 @@ static int virNetTLSContextCheckCertBasicConstraints(gnutls_x509_crt_t cert,
return
0
;
}
#endif
static
int
virNetTLSContextCheckCertKeyUsage
(
gnutls_x509_crt_t
cert
,
const
char
*
certFile
,
...
...
@@ -412,9 +423,11 @@ static int virNetTLSContextCheckCert(gnutls_x509_crt_t cert,
isServer
,
isCA
)
<
0
)
return
-
1
;
#ifndef GNUTLS_1_0_COMPAT
if
(
virNetTLSContextCheckCertBasicConstraints
(
cert
,
certFile
,
isServer
,
isCA
)
<
0
)
return
-
1
;
#endif
if
(
virNetTLSContextCheckCertKeyUsage
(
cert
,
certFile
,
isCA
)
<
0
)
...
...
@@ -1019,11 +1032,13 @@ static int virNetTLSContextValidCertificate(virNetTLSContextPtr ctxt,
/* !sess->isServer, since on the client, we're validating the
* server's cert, and on the server, the client's cert
*/
#ifndef GNUTLS_1_0_COMPAT
if
(
virNetTLSContextCheckCertBasicConstraints
(
cert
,
"[session]"
,
!
sess
->
isServer
,
false
)
<
0
)
{
gnutls_x509_crt_deinit
(
cert
);
goto
authdeny
;
}
#endif
if
(
virNetTLSContextCheckCertKeyUsage
(
cert
,
"[session]"
,
false
)
<
0
)
{
...
...
tests/virnettlscontexttest.c
浏览文件 @
4d349ef7
...
...
@@ -33,7 +33,7 @@
#include "command.h"
#include "network.h"
#if !defined WIN32 && HAVE_LIBTASN1_H
#if !defined WIN32 && HAVE_LIBTASN1_H
&& !defined GNUTLS_1_0_COMPAT
# include <libtasn1.h>
# include <gnutls/gnutls.h>
# include <gnutls/x509.h>
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录