Lines 369-374
Link Here
|
369 |
*/ |
369 |
*/ |
370 |
if ( max == 1 && !gnutls_x509_crt_check_issuer( certs[0], certs[0] )) { |
370 |
if ( max == 1 && !gnutls_x509_crt_check_issuer( certs[0], certs[0] )) { |
371 |
gnutls_x509_crt_t *cas; |
371 |
gnutls_x509_crt_t *cas; |
|
|
372 |
#if GNUTLS_VERSION_MAJOR == 2 |
372 |
unsigned int i, j, ncas; |
373 |
unsigned int i, j, ncas; |
373 |
|
374 |
|
374 |
gnutls_certificate_get_x509_cas( ctx->cred, &cas, &ncas ); |
375 |
gnutls_certificate_get_x509_cas( ctx->cred, &cas, &ncas ); |
Lines 387-392
Link Here
|
387 |
if ( j == ncas ) |
388 |
if ( j == ncas ) |
388 |
break; |
389 |
break; |
389 |
} |
390 |
} |
|
|
391 |
#elif GNUTLS_VERSION_MAJOR == 3 |
392 |
gnutls_x509_crt_t ca; |
393 |
unsigned int i; |
394 |
for ( i = 1; i<VERIFY_DEPTH; i++ ) { |
395 |
rc= gnutls_certificate_get_issuer( ctx->cred, certs[i-1], &ca, 0 ); |
396 |
if ( rc ) return -1; |
397 |
certs[i] = ca; |
398 |
/* If this CA is self-signed, we're done */ |
399 |
if ( gnutls_x509_crt_check_issuer( ca, ca )) |
400 |
break; |
401 |
} |
402 |
#endif |
390 |
} |
403 |
} |
391 |
rc = gnutls_certificate_set_x509_key( ctx->cred, certs, max, key ); |
404 |
rc = gnutls_certificate_set_x509_key( ctx->cred, certs, max, key ); |
392 |
if ( rc ) return -1; |
405 |
if ( rc ) return -1; |