Hi! First off: I know nothing about gnutls except what I can google together. I'm looking at compiling freeDiameter-1.1.2 on my system, which has gnutls-3.0.22 installed.
It doesn't compile because of ../libfdcore/libfdcore.so.1.1.2: undefined reference to `gnutls_certificate_get_x509_crls' ../libfdcore/libfdcore.so.1.1.2: undefined reference to `gnutls_certificate_get_x509_cas' I found http://www.gnu.org/software/gnutls/manual/html_node/Upgrading-from-previous-versions.html which says: gnutls_certificate_get_x509_crls, gnutls_certificate_get_x509_cas: Removed to allow updating the internal structures. Replaced by gnutls_certificate_get_issuer. The code looks like this: GNUTLS_TRACE( gnutls_certificate_get_x509_cas (fd_g_config->cnf_sec_data.credentials, &CA_list, (unsigned int *) &CA_list_length) ); GNUTLS_TRACE( gnutls_certificate_get_x509_crls (fd_g_config->cnf_sec_data.credentials, &CRL_list, (unsigned int *) &CRL_list_length) ); CHECK_GNUTLS_DO( gnutls_x509_crt_list_verify(certs, cert_max, CA_list, CA_list_length, CRL_list, CRL_list_length, 0, &verify), { TRACE_DEBUG(INFO, "Failed to verify the local certificate '%s' against local credentials. Please check your certificate is valid.", fd_g_config->cnf_sec_data.cert_file); return EINVAL; } ); I don't see how I can replace gnutls_certificate_get_x509_cas and gnutls_certificate_get_x509_crls with gnutls_certificate_get_issuer here because gnutls_x509_crt_list_verify needs CA_list and CRL_list filled out by the two functions. Please advise. If we come up with a fix, the next question will be what you recommend on keeping code backwards compatible with gnutls-2. Thanks, Thomas _______________________________________________ Help-gnutls mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-gnutls
