Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Remove redundancy in code which 'matches' cert to privkey
Yes, it doesn't *actually* do any matching... yet.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
  • Loading branch information
David Woodhouse authored and David Woodhouse committed Jun 13, 2012
1 parent 6307748 commit 88d01c9
Showing 1 changed file with 17 additions and 24 deletions.
41 changes: 17 additions & 24 deletions gnutls.c
Expand Up @@ -839,18 +839,7 @@ static int load_certificate(struct openconnect_info *vpninfo)
goto out;
}

/* FIXME: How do we check which cert matches the pkey?
For now we just assume that the first one in the list is the right one. */
if (!cert) {
cert = extra_certs[0];

/* Move the rest of the array down */
for (i = 0; i < nr_extra_certs - 1; i++)
extra_certs[i] = extra_certs[i+1];

nr_extra_certs--;
}
goto got_key;
goto match_cert;
}
#endif

Expand Down Expand Up @@ -880,18 +869,7 @@ static int load_certificate(struct openconnect_info *vpninfo)
if (ret)
goto out;

if (!cert) {
/* FIXME: How do we check which cert matches the pkey?
For now we just assume that the first one in the list is the right one. */
cert = extra_certs[0];

/* Move the rest of the array down */
for (i = 0; i < nr_extra_certs - 1; i++)
extra_certs[i] = extra_certs[i+1];

nr_extra_certs--;
}
goto got_key;
goto match_cert;
#endif
}

Expand Down Expand Up @@ -976,6 +954,21 @@ static int load_certificate(struct openconnect_info *vpninfo)
ret = -EINVAL;
goto out;

#ifdef HAVE_GNUTLS_CERTIFICATE_SET_KEY
match_cert:
if (!cert) {
/* FIXME: How do we check which cert matches the pkey?
For now we just assume that the first one in the list is the right one. */
cert = extra_certs[0];

/* Move the rest of the array down */
for (i = 0; i < nr_extra_certs - 1; i++)
extra_certs[i] = extra_certs[i+1];

nr_extra_certs--;
}
#endif

got_key:
/* Now we have both cert(s) and key, and we should be ready to go. */
check_certificate_expiry(vpninfo, cert);
Expand Down

0 comments on commit 88d01c9

Please sign in to comment.