[sr #108123] [PATCH] Fix trust_list_add_system_trust on Windows

Marti INVALID.NOREPLY at gnu.org
Mon Sep 3 21:10:59 CEST 2012 

URL:
  <http://savannah.gnu.org/support/?108123>

                 Summary: [PATCH] Fix trust_list_add_system_trust on Windows
                 Project: GnuTLS
            Submitted by: intgr
            Submitted on: Mon 03 Sep 2012 10:10:58 PM EEST
                Category: Core library
                Priority: 5 - Normal
                Severity: 4 - Important
                  Status: None
                 Privacy: Public
             Assigned to: None
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
        Operating System: Microsoft Windows

    _______________________________________________________

Details:

Apparently gnutls_x509_trust_list_add_system_trust is broken on Windows -- it
never manages to import any certificates on the machines I tried it on (always
returning 0). Upon closer inspection, the gnutls_x509_trust_list_add_trust_mem
function always returned -49 (GNUTLS_E_NO_CERTIFICATE_FOUND). Looking further
in the function, the problem was obvious...

Patch attached:
---
Fix gnutls_x509_trust_list_add_trust_mem with DER-format certificates.

The function took a "type" argument and then happily proceeded to ignore
it and try PEM format anyway.

Most importantly, this makes gnutls_x509_trust_list_add_system_trust
work on Windows, which loads DER certificates using this function.  I'll
be damned if that actually ever worked properly -- certainly not in any
git version. :)

Also added test for gnutls_x509_trust_list_add_trust_mem.
---

Also available on github:
https://github.com/intgr/gnutls/tree/win32-systrust-fix

I agree to assign my copyrights on this patch to the FSF.




    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: Mon 03 Sep 2012 10:10:58 PM EEST  Name: win32-systrust-fix.patch  Size:
6kB   By: intgr

<http://savannah.gnu.org/support/download.php?file_id=26466>

    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/support/?108123>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/

More information about the Gnutls-devel mailing list