Start introducing test_cas NULL-terminated list
diff --git a/include/mbedtls/certs.h b/include/mbedtls/certs.h
index e2e9f77..d3c92a0 100644
--- a/include/mbedtls/certs.h
+++ b/include/mbedtls/certs.h
@@ -30,10 +30,14 @@
extern "C" {
#endif
-/* Concatenation of all available CA certificates */
+/* Concatenation of all CA certificates in PEM format if available */
extern const char test_ca_list[];
extern const size_t test_ca_list_len;
+/* List of all CA certificates, terminated by NULL */
+extern const char * test_cas[];
+extern const size_t test_cas_len[];
+
/*
* Convenience for users who just want a certificate:
* RSA by default, or ECDSA if RSA is not available
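Review bot: The new `test_cas` declaration leaves the pointer table itself writable, because only the pointed-to characters are const; for a list of trust anchors I would declare it `extern const char * const test_cas[];` and change the definition in library/certs.c to match (`const char * const test_cas[] = {`). The comment should also state that `test_cas_len[]` is index-parallel to `test_cas[]` and ends with 0, and whether each length counts the terminating NUL, for example `/* test_cas[i] has length test_cas_len[i]; the lists end with NULL and 0 */`.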
diff --git a/library/certs.c b/library/certs.c
index f0435e1..8da552f 100644
--- a/library/certs.c
+++ b/library/certs.c
@@ -305,6 +305,26 @@
const char test_ca_list[] = TEST_CA_CRT_RSA TEST_CA_CRT_EC;
const size_t test_ca_list_len = sizeof( test_ca_list );
+/* List of all available CA certificates */
+const char * test_cas[] = {
+#if defined(POLARSSL_RSA_C)
+ test_ca_crt_rsa,
+#endif
+#if defined(POLARSSL_ECDSA_C)
+ test_ca_crt_ec,
+#endif
+ NULL
+};
+const size_t test_cas_len[] = {
+#if defined(POLARSSL_RSA_C)
+ test_ca_crt_rsa_len,
+#endif
+#if defined(POLARSSL_ECDSA_C)
+ test_ca_crt_ec_len,
+#endif
+ 0
+};
+
#if defined(POLARSSL_RSA_C)
const char *test_ca_crt = test_ca_crt_rsa;
const char *test_ca_key = test_ca_key_rsa;
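Review bot: The `test_cas_len[]` initializer uses `test_ca_crt_rsa_len` and `test_ca_crt_ec_len`; if these are `const size_t` objects like `test_ca_list_len` above rather than macros, they are not constant expressions in C, and stricter compilers will reject them in a file-scope initializer. Assuming the certificates are arrays defined in this file, `sizeof( test_ca_crt_rsa ),` and `sizeof( test_ca_crt_ec ),` would be portable. The two arrays also stay aligned only because their `#if` blocks are duplicated by hand, so a comment above `test_cas_len` such as `/* Must list the same entries, in the same order, as test_cas */` would help the next editor.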
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 5088cc6..93ab15b 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -946,8 +946,14 @@
else
#endif
#if defined(POLARSSL_CERTS_C)
- ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_list,
- test_ca_list_len );
+ for( i = 0; test_cas[i] != NULL; i++ )
+ {
+ ret = x509_crt_parse( &cacert,
+ (const unsigned char *) test_cas[i],
+ test_cas_len[i] );
+ if( ret != 0 )
+ break;
+ }
#else
{
ret = 1;
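Review bot: When neither POLARSSL_RSA_C nor POLARSSL_ECDSA_C is defined, `test_cas[0]` is NULL, the loop body never runs and `ret` keeps whatever value it had before this branch, whereas the removed code always assigned it from `x509_crt_parse`. If that stale value happens to be 0, the program would appear to continue with an empty CA chain and no error reported. The `for` is the unbraced body of the preceding `else`, so the fix needs braces around both statements: `{ ret = 0; for( i = 0; test_cas[i] != NULL; i++ ) ... }`, or a non-zero `ret` if an empty list should be fatal. The enclosing function starts and ends outside the hunk, so the prior value of `ret` and the declaration of `i` are not visible here. The identical loop in programs/ssl/ssl_server2.c needs the same change.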
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 0afe42b..8a3010f 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -1327,8 +1327,14 @@
else
#endif
#if defined(POLARSSL_CERTS_C)
- ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_list,
- test_ca_list_len );
+ for( i = 0; test_cas[i] != NULL; i++ )
+ {
+ ret = x509_crt_parse( &cacert,
+ (const unsigned char *) test_cas[i],
+ test_cas_len[i] );
+ if( ret != 0 )
+ break;
+ }
#else
{
ret = 1;