diff options
| author | Christian Grothoff <christian@grothoff.org> | 2013-10-26 12:36:51 +0000 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2013-10-26 12:36:51 +0000 |
| commit | aeb922926c639ffdd992f96cd125e47bb0e2c301 (patch) | |
| tree | 85097e40305035ad337f0c0e8dc0f95343dbed3a /src/gns/gnunet-gns-proxy.c | |
| parent | 7679eb4a51b8d0e9e4671dae00ca83c9f1b22de7 (diff) | |
| download | gnunet-aeb922926c639ffdd992f96cd125e47bb0e2c301.tar.gz gnunet-aeb922926c639ffdd992f96cd125e47bb0e2c301.zip | |
-moving code to parse IPv4/IPv6 subnet specifications to strings and making it part of the public API
Diffstat (limited to 'src/gns/gnunet-gns-proxy.c')
| -rw-r--r-- | src/gns/gnunet-gns-proxy.c | 34 |
1 files changed, 3 insertions, 31 deletions
diff --git a/src/gns/gnunet-gns-proxy.c b/src/gns/gnunet-gns-proxy.c index 968470bd9..4f65574dd 100644 --- a/src/gns/gnunet-gns-proxy.c +++ b/src/gns/gnunet-gns-proxy.c | |||
| @@ -26,7 +26,6 @@ | |||
| 26 | * | 26 | * |
| 27 | * TODO: | 27 | * TODO: |
| 28 | * - double-check queueing logic | 28 | * - double-check queueing logic |
| 29 | * - actually check SSL certificates (#3038) | ||
| 30 | */ | 29 | */ |
| 31 | #include "platform.h" | 30 | #include "platform.h" |
| 32 | #include <microhttpd.h> | 31 | #include <microhttpd.h> |
| @@ -877,6 +876,9 @@ check_ssl_certificate (struct Socks5Request *s5r) | |||
| 877 | 876 | ||
| 878 | /* FIXME: add flags to gnutls to NOT read UNBOUND_ROOT_KEY_FILE here! */ | 877 | /* FIXME: add flags to gnutls to NOT read UNBOUND_ROOT_KEY_FILE here! */ |
| 879 | if (0 != (rc = dane_state_init (&dane_state, | 878 | if (0 != (rc = dane_state_init (&dane_state, |
| 879 | #ifdef DANE_F_IGNORE_DNSSEC | ||
| 880 | DANE_F_IGNORE_DNSSEC | | ||
| 881 | #endif | ||
| 880 | DANE_F_IGNORE_LOCAL_RESOLVER))) | 882 | DANE_F_IGNORE_LOCAL_RESOLVER))) |
| 881 | { | 883 | { |
| 882 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 884 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, |
| @@ -957,36 +959,6 @@ check_ssl_certificate (struct Socks5Request *s5r) | |||
| 957 | } | 959 | } |
| 958 | } | 960 | } |
| 959 | gnutls_x509_crt_deinit (x509_cert); | 961 | gnutls_x509_crt_deinit (x509_cert); |
| 960 | #if 0 | ||
| 961 | { | ||
| 962 | unsigned int i; | ||
| 963 | |||
| 964 | for(i=0;i<cert_list_size;i++) | ||
| 965 | { | ||
| 966 | gnutls_x509_crt_t cert; | ||
| 967 | gnutls_datum_t dn; | ||
| 968 | |||
| 969 | if (GNUTLS_E_SUCCESS == gnutls_x509_crt_init (&cert)) | ||
| 970 | { | ||
| 971 | if (GNUTLS_E_SUCCESS == | ||
| 972 | gnutls_x509_crt_import (cert, &chainp[i], | ||
| 973 | GNUTLS_X509_FMT_DER)) | ||
| 974 | { | ||
| 975 | if (GNUTLS_E_SUCCESS == | ||
| 976 | gnutls_x509_crt_print (cert, | ||
| 977 | GNUTLS_CRT_PRINT_FULL, | ||
| 978 | &dn)) | ||
| 979 | { | ||
| 980 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
| 981 | "Certificate #%d: %.*s", i, dn.size, dn.data); | ||
| 982 | gnutls_free (dn.data); | ||
| 983 | } | ||
| 984 | } | ||
| 985 | gnutls_x509_crt_deinit (cert); | ||
| 986 | } | ||
| 987 | } | ||
| 988 | } | ||
| 989 | #endif | ||
| 990 | return GNUNET_OK; | 962 | return GNUNET_OK; |
| 991 | } | 963 | } |
| 992 | 964 | ||