[sr #108123] [PATCH] Fix trust_list_add_system_trust on Windows

Marti INVALID.NOREPLY at gnu.org
Mon Sep 3 21:10:59 CEST 2012


                 Summary: [PATCH] Fix trust_list_add_system_trust on Windows
                 Project: GnuTLS
            Submitted by: intgr
            Submitted on: Mon 03 Sep 2012 10:10:58 PM EEST
                Category: Core library
                Priority: 5 - Normal
                Severity: 4 - Important
                  Status: None
                 Privacy: Public
             Assigned to: None
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
        Operating System: Microsoft Windows



Apparently gnutls_x509_trust_list_add_system_trust is broken on Windows -- it
never manages to import any certificates on the machines I tried it on (always
returning 0). Upon closer inspection, the gnutls_x509_trust_list_add_trust_mem
function always returned -49 (GNUTLS_E_NO_CERTIFICATE_FOUND). Looking further
in the function, the problem was obvious...

Patch attached:
Fix gnutls_x509_trust_list_add_trust_mem with DER-format certificates.

The function took a "type" argument and then happily proceeded to ignore
it and try PEM format anyway.

Most importantly, this makes gnutls_x509_trust_list_add_system_trust
work on Windows, which loads DER certificates using this function.  I'll
be damned if that actually ever worked properly -- certainly not in any
git version. :)

Also added test for gnutls_x509_trust_list_add_trust_mem.

Also available on github:

I agree to assign my copyrights on this patch to the FSF.


File Attachments:

Date: Mon 03 Sep 2012 10:10:58 PM EEST  Name: win32-systrust-fix.patch  Size:
6kB   By: intgr



Reply to this item at:


  Message sent via/by Savannah

More information about the Gnutls-devel mailing list