[gnutls-devel] simplifying certificate verification
Ted Zlatanov
tzz at lifelogs.com
Tue Sep 8 16:21:49 CEST 2015
On Mon, 24 Aug 2015 13:58:08 +0200 Nikos Mavrogiannopoulos <n.mavrogiannopoulos at gmail.com> wrote:
NM> One the pains in using gnutls is the fact that there is needed quite
NM> some copy-paste code to perform certificate verification. I decided to
NM> simplify that from 3.5.0, using a function called
NM> gnutls_session_auto_verify_cert(), and the result can be seen on the
NM> following example
...
NM> I'd appreciate any comments or suggestions for improving that interface [0].
NM> [0]. https://gitlab.com/gnutls/gnutls/blob/master/lib/includes/gnutls/gnutls.h.in#L1296
To me it looks nice and usable. Are there reasons not to use it (other
than backwards compatibility)? Any logging gotchas for the users (since
the logging will change from their point of view if a GnuTLS upgrade
triggers the use of gnutls_session_auto_verify_cert())?
Thanks
Ted
More information about the Gnutls-devel
mailing list