[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] [PATCH] GnuTLS certificate loading

From: Giuseppe Scrivano
Subject: Re: [Bug-wget] [PATCH] GnuTLS certificate loading
Date: Mon, 05 Aug 2013 00:18:32 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)

Tim Rühsen <address@hidden> writes:

> Some improvements to gnutls.c, especially improved certificate loading.

thanks for the patch but it doesn't seem to apply to origin/master.

On what version is it based?  Could you please rebase it on master?

> diff --git a/src/gnutls.c b/src/gnutls.c
> index d90f46a..1661fb3 100644
> --- a/src/gnutls.c
> +++ b/src/gnutls.c
> @@ -46,6 +46,7 @@ as that of the covered work.  */
>  #include "connect.h"
>  #include "url.h"
>  #include "ptimer.h"
> +#include "hash.h"
>  #include "ssl.h"

can you please add an explicit dependency to the "hash" module in 

> +  if (!opt.ca_directory)
> +    ncerts = gnutls_certificate_set_x509_system_trust(credentials);
> +#endif

missing empty space after '('.  This is not the only occurrence I have seen.

+    ncerts = gnutls_certificate_set_x509_system_trust (credentials);

> +  _CHECK_CERT(GNUTLS_CERT_INVALID, "The certificate of %s is not 
> trusted.\n");
> +  _CHECK_CERT(GNUTLS_CERT_SIGNER_NOT_FOUND, "The certificate of %s hasn't 
> got a known issuer.\n");
> +  _CHECK_CERT(GNUTLS_CERT_REVOKED, "The certificate of %s has been 
> revoked.\n");
> +  _CHECK_CERT(GNUTLS_CERT_SIGNER_NOT_CA, "The certificate signer of %s was 
> not a CA.\n");
> +  _CHECK_CERT(GNUTLS_CERT_INSECURE_ALGORITHM, "The certificate of %s was 
> signed using an insecure algorithm.\n");
> +  _CHECK_CERT(GNUTLS_CERT_NOT_ACTIVATED, "The certificate of %s is not yet 
> activated.\n");
> +  _CHECK_CERT(GNUTLS_CERT_EXPIRED, "The certificate of %s has expired.\n");

I don't think that xgettext will parse these strings, can you please
change them to (and adapt the macro as well):

 _CHECK_CERT (GNUTLS_CERT_INVALID, _("The certificate of %s is not 

The rest of the patch seems correct to me.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]