[gnutls-devel] [PATCH] Check the credentials getter functions as part of the unit tests

[Nikos Mavrogiannopoulos]

On Thu, Sep 25, 2014 at 9:53 PM, Armin Burgmeier <armin at arbur.net> wrote:
>> >  tests/openpgp-auth.c |  47 ++++++++++++++++++++++
>> >  tests/x509cert.c     | 107 ++++++++++++++++++++++++++++++++++++++++++++++++---
>> >  2 files changed, 149 insertions(+), 5 deletions(-)
>>
>> Thank you. I've applied the complete patch set.
> Thanks! I suppose the ticket on savannah could then be closed as well.

I realized that gnutls_x509_trust_list_iter_get_ca() is incomplete.
When the trust list is on a pkcs11 trust module, iteration wouldn't
work.

That's seems to be easily done (at the cost of a very large iterator),
using the same enumeration as in
gnutls_x509_trust_list_add_trust_file(). That is using
gnutls_pkcs11_obj_list_import_url2() and then converting each one to
certificate using gnutls_x509_crt_import_pkcs11(). I could schedule to
do it, but if you can do it, it would be real help.

regards,
Nikos