#ifdef CONFIG_GNUTLS
+#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
reason = "The certificate has been revoked";
}
-#ifndef GNUTLS_1_0_COMPAT
if (status & GNUTLS_CERT_INSECURE_ALGORITHM) {
reason = "The certificate uses an insecure algorithm";
}
-#endif
error_setg(errp,
"Our own certificate %s failed validation against %s: %s",
static void
-qcrypto_tls_creds_x509_prop_set_loaded(Object *obj,
- bool value,
- Error **errp)
+qcrypto_tls_creds_x509_complete(UserCreatable *uc, Error **errp)
{
- QCryptoTLSCredsX509 *creds = QCRYPTO_TLS_CREDS_X509(obj);
+ QCryptoTLSCredsX509 *creds = QCRYPTO_TLS_CREDS_X509(uc);
- qcrypto_tls_creds_x509_unload(creds);
- if (value) {
- qcrypto_tls_creds_x509_load(creds, errp);
- }
+ qcrypto_tls_creds_x509_load(creds, errp);
}
#endif /* ! CONFIG_GNUTLS */
-static void
-qcrypto_tls_creds_x509_complete(UserCreatable *uc, Error **errp)
-{
- object_property_set_bool(OBJECT(uc), "loaded", true, errp);
-}
-
-
static void
qcrypto_tls_creds_x509_init(Object *obj)
{
object_class_property_add_bool(oc, "loaded",
qcrypto_tls_creds_x509_prop_get_loaded,
- qcrypto_tls_creds_x509_prop_set_loaded);
+ NULL);
object_class_property_add_bool(oc, "sanity-check",
qcrypto_tls_creds_x509_prop_get_sanity,
qcrypto_tls_creds_x509_prop_set_sanity);