# undef HAS_ALPN
# if (GNUTLS_VERSION_NUMBER >= 0x030200)
# define HAS_ALPN
-# else
-# error http2 builds require GnuTLS >= 3.2.0 for ALPN support
# endif
# endif
#endif
infof(data, "%s\n", data->state.buffer);
}
-static gnutls_datum load_file (const char *file)
+static gnutls_datum_t load_file (const char *file)
{
FILE *f;
- gnutls_datum loaded_file = { NULL, 0 };
+ gnutls_datum_t loaded_file = { NULL, 0 };
long filelen;
void *ptr;
return loaded_file;
}
-static void unload_file(gnutls_datum data) {
+static void unload_file(gnutls_datum_t data) {
free(data.data);
}
{
struct SessionHandle *data = conn->data;
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
- gnutls_session session = conn->ssl[sockindex].session;
+ gnutls_session_t session = conn->ssl[sockindex].session;
curl_socket_t sockfd = conn->sock[sockindex];
long timeout_ms;
int rc;
}
}
-static gnutls_x509_crt_fmt do_file_type(const char *type)
+static gnutls_x509_crt_fmt_t do_file_type(const char *type)
{
if(!type || !type[0])
return GNUTLS_X509_FMT_PEM;
int sockindex)
{
struct SessionHandle *data = conn->data;
- gnutls_session session;
+ gnutls_session_t session;
int rc;
void *ssl_sessionid;
size_t ssl_idsize;
int sockindex)
{
unsigned int cert_list_size;
- const gnutls_datum *chainp;
+ const gnutls_datum_t *chainp;
unsigned int verify_status;
- gnutls_x509_crt x509_cert,x509_issuer;
- gnutls_datum issuerp;
+ gnutls_x509_crt_t x509_cert,x509_issuer;
+ gnutls_datum_t issuerp;
char certbuf[256]; /* big enough? */
size_t size;
unsigned int algo;
time_t certclock;
const char *ptr;
struct SessionHandle *data = conn->data;
- gnutls_session session = conn->ssl[sockindex].session;
+ gnutls_session_t session = conn->ssl[sockindex].session;
int rc;
int incache;
void *ssl_sessionid;
certclock = gnutls_x509_crt_get_expiration_time(x509_cert);
if(certclock == (time_t)-1) {
- failf(data, "server cert expiration date verify failed");
- return CURLE_SSL_CONNECT_ERROR;
- }
-
- if(certclock < time(NULL)) {
if(data->set.ssl.verifypeer) {
- failf(data, "server certificate expiration date has passed.");
- return CURLE_PEER_FAILED_VERIFICATION;
+ failf(data, "server cert expiration date verify failed");
+ return CURLE_SSL_CONNECT_ERROR;
}
else
- infof(data, "\t server certificate expiration date FAILED\n");
+ infof(data, "\t server certificate expiration date verify FAILED\n");
+ }
+ else {
+ if(certclock < time(NULL)) {
+ if(data->set.ssl.verifypeer) {
+ failf(data, "server certificate expiration date has passed.");
+ return CURLE_PEER_FAILED_VERIFICATION;
+ }
+ else
+ infof(data, "\t server certificate expiration date FAILED\n");
+ }
+ else
+ infof(data, "\t server certificate expiration date OK\n");
}
- else
- infof(data, "\t server certificate expiration date OK\n");
certclock = gnutls_x509_crt_get_activation_time(x509_cert);
if(certclock == (time_t)-1) {
- failf(data, "server cert activation date verify failed");
- return CURLE_SSL_CONNECT_ERROR;
- }
-
- if(certclock > time(NULL)) {
if(data->set.ssl.verifypeer) {
- failf(data, "server certificate not activated yet.");
- return CURLE_PEER_FAILED_VERIFICATION;
+ failf(data, "server cert activation date verify failed");
+ return CURLE_SSL_CONNECT_ERROR;
}
else
- infof(data, "\t server certificate activation date FAILED\n");
+ infof(data, "\t server certificate activation date verify FAILED\n");
+ }
+ else {
+ if(certclock > time(NULL)) {
+ if(data->set.ssl.verifypeer) {
+ failf(data, "server certificate not activated yet.");
+ return CURLE_PEER_FAILED_VERIFICATION;
+ }
+ else
+ infof(data, "\t server certificate activation date FAILED\n");
+ }
+ else
+ infof(data, "\t server certificate activation date OK\n");
}
- else
- infof(data, "\t server certificate activation date OK\n");
/* Show: