Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Cope with lack of gnutls_certificate_set_key() in GnuTLS 2.12
We *can* use arbitrary privkeys, by using the cert_callback to provide them on demand. And even without gnutls_privkey_import_ext() to give us a constructed privkey that represents the TPM key, we can cope by registering a sign_callback on the TLS session. This means that we can support the TPM, and also fix the lack of extra supporting certs and expiry check when using PKCS#11 certs with GnuTLS 2.12. It also means my code is an even bigger mess of #ifdefs than it was before. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
- Loading branch information