moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00
Code Issues Releases Wiki Activity

fix warnings about shadowing

Browse Source
This commit is contained in:
Daniel Stenberg 2008-02-16 13:41:55 +00:00
parent 0da90b5d91
commit f7b71c2abe
1 changed files with 23 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
lib/gtls.c
View File

@ -225,7 +225,7 @@ Curl_gtls_connect(struct connectdata *conn,
size_t size;
unsigned int algo;
unsigned int bits;
time_t clock;
time_t certclock;
const char *ptr;
void *ssl_sessionid;
size_t ssl_idsize;
@ -344,6 +344,10 @@ Curl_gtls_connect(struct connectdata *conn,
}
if(data->set.ssl.verifypeer) {
gnutls_certificate_set_verify_limits(conn->ssl[sockindex].cred,
40200, 38);
/* This function will try to verify the peer's certificate and return its
status (trusted, invalid etc.). The value of status should be one or
more of the gnutls_certificate_status_t enumerated elements bitwise
@ -413,14 +417,14 @@ Curl_gtls_connect(struct connectdata *conn,
infof(data, "\t common name: %s (matched)\n", certbuf);
/* Check for time-based validity */
clock = gnutls_x509_crt_get_expiration_time(x509_cert);
certclock = gnutls_x509_crt_get_expiration_time(x509_cert);
if(clock == (time_t)-1) {
if(certclock == (time_t)-1) {
failf(data, "server cert expiration date verify failed");
return CURLE_SSL_CONNECT_ERROR;
}
if(clock < time(NULL)) {
if(certclock < time(NULL)) {
if(data->set.ssl.verifypeer) {
failf(data, "server certificate expiration date has passed.");
return CURLE_PEER_FAILED_VERIFICATION;
@ -431,14 +435,14 @@ Curl_gtls_connect(struct connectdata *conn,
else
infof(data, "\t server certificate expiration date OK\n");
clock = gnutls_x509_crt_get_activation_time(x509_cert);
certclock = gnutls_x509_crt_get_activation_time(x509_cert);
if(clock == (time_t)-1) {
if(certclock == (time_t)-1) {
failf(data, "server cert activation date verify failed");
return CURLE_SSL_CONNECT_ERROR;
}
if(clock > time(NULL)) {
if(certclock > time(NULL)) {
if(data->set.ssl.verifypeer) {
failf(data, "server certificate not activated yet.");
return CURLE_PEER_FAILED_VERIFICATION;
@ -474,11 +478,11 @@ Curl_gtls_connect(struct connectdata *conn,
gnutls_x509_crt_get_dn(x509_cert, certbuf, &size);
infof(data, "\t subject: %s\n", certbuf);
clock = gnutls_x509_crt_get_activation_time(x509_cert);
showtime(data, "start date", clock);
certclock = gnutls_x509_crt_get_activation_time(x509_cert);
showtime(data, "start date", certclock);
clock = gnutls_x509_crt_get_expiration_time(x509_cert);
showtime(data, "expire date", clock);
certclock = gnutls_x509_crt_get_expiration_time(x509_cert);
showtime(data, "expire date", certclock);
size = sizeof(certbuf);
gnutls_x509_crt_get_issuer_dn(x509_cert, certbuf, &size);
@ -543,16 +547,16 @@ void Curl_gtls_close_all(struct SessionHandle *data)
}
static void close_one(struct connectdata *conn,
int index)
int idx)
{
if(conn->ssl[index].session) {
gnutls_bye(conn->ssl[index].session, GNUTLS_SHUT_RDWR);
gnutls_deinit(conn->ssl[index].session);
conn->ssl[index].session = NULL;
if(conn->ssl[idx].session) {
gnutls_bye(conn->ssl[idx].session, GNUTLS_SHUT_RDWR);
gnutls_deinit(conn->ssl[idx].session);
conn->ssl[idx].session = NULL;
}
if(conn->ssl[index].cred) {
gnutls_certificate_free_credentials(conn->ssl[index].cred);
conn->ssl[index].cred = NULL;
if(conn->ssl[idx].cred) {
gnutls_certificate_free_credentials(conn->ssl[idx].cred);
conn->ssl[idx].cred = NULL;
}
}