Bug Summary

File:lib/x509/ocsp_output.c
Location:line 569, column 7
Description:Value stored to 'ret' is never read

Annotated Source Code

1/*
2 * Copyright (C) 2011-2012 Free Software Foundation, Inc.
3 * Author: Simon Josefsson
4 *
5 * This file is part of GnuTLS.
6 *
7 * The GnuTLS is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public License
9 * as published by the Free Software Foundation; either version 3 of
10 * the License, or (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this program. If not, see <http://www.gnu.org/licenses/>
19 *
20 */
21
22/* Online Certificate Status Protocol - RFC 2560
23 */
24
25#include <gnutls_int.h>
26#include <gnutls_global.h>
27#include <gnutls_errors.h>
28#include <libtasn1.h>
29#include <gnutls_pk.h>
30#include "algorithms.h"
31
32#include <gnutls/ocsp.h>
33
34/* I18n of error codes. */
35#include "gettext.h"
36#define _(String)dgettext ("gnutls", String) dgettext (PACKAGE"gnutls", String)
37
38#define addf_gnutls_buffer_append_printf _gnutls_buffer_append_printf
39#define adds_gnutls_buffer_append_str _gnutls_buffer_append_str
40
41static void
42print_req (gnutls_buffer_st * str, gnutls_ocsp_req_t req)
43{
44 int ret;
45 unsigned indx;
46
47 /* Version. */
48 {
49 int version = gnutls_ocsp_req_get_version (req);
50 if (version < 0)
51 addf_gnutls_buffer_append_printf (str, "error: get_version: %s\n", gnutls_strerror (version));
52 else
53 addf_gnutls_buffer_append_printf (str, _("\tVersion: %d\n")dgettext ("gnutls", "\tVersion: %d\n"), version);
54 }
55
56 /* XXX requestorName */
57
58 /* requestList */
59 addf_gnutls_buffer_append_printf (str, "\tRequest List:\n");
60 for (indx = 0; ; indx++)
61 {
62 gnutls_digest_algorithm_t digest;
63 gnutls_datum_t in, ik, sn;
64
65 ret = gnutls_ocsp_req_get_cert_id (req, indx, &digest, &in, &ik, &sn);
66 if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE-56)
67 break;
68 addf_gnutls_buffer_append_printf (str, "\t\tCertificate ID:\n");
69 if (ret != GNUTLS_E_SUCCESS0)
70 {
71 addf_gnutls_buffer_append_printf (str, "error: get_cert_id: %s\n",
72 gnutls_strerror (ret));
73 continue;
74 }
75 addf_gnutls_buffer_append_printf (str, "\t\t\tHash Algorithm: %s\n",
76 _gnutls_digest_get_name (digest));
77
78 adds_gnutls_buffer_append_str (str, "\t\t\tIssuer Name Hash: ");
79 _gnutls_buffer_hexprint (str, in.data, in.size);
80 adds_gnutls_buffer_append_str (str, "\n");
81
82 adds_gnutls_buffer_append_str (str, "\t\t\tIssuer Key Hash: ");
83 _gnutls_buffer_hexprint (str, ik.data, ik.size);
84 adds_gnutls_buffer_append_str (str, "\n");
85
86 adds_gnutls_buffer_append_str (str, "\t\t\tSerial Number: ");
87 _gnutls_buffer_hexprint (str, sn.data, sn.size);
88 adds_gnutls_buffer_append_str (str, "\n");
89
90 gnutls_free (in.data);
91 gnutls_free (ik.data);
92 gnutls_free (sn.data);
93
94 /* XXX singleRequestExtensions */
95 }
96
97 for (indx = 0; ; indx++)
98 {
99 gnutls_datum_t oid;
100 unsigned int critical;
101 gnutls_datum_t data;
102
103 ret = gnutls_ocsp_req_get_extension (req, indx, &oid, &critical, &data);
104 if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE-56)
105 break;
106 else if (ret != GNUTLS_E_SUCCESS0)
107 {
108 addf_gnutls_buffer_append_printf (str, "error: get_extension: %s\n",
109 gnutls_strerror (ret));
110 continue;
111 }
112 if (indx == 0)
113 adds_gnutls_buffer_append_str (str, "\tExtensions:\n");
114
115 if (memcmp (oid.data, GNUTLS_OCSP_NONCE"1.3.6.1.5.5.7.48.1.2", oid.size) == 0)
116 {
117 gnutls_datum_t nonce;
118 unsigned int critical;
119
120 ret = gnutls_ocsp_req_get_nonce (req, &critical, &nonce);
121 if (ret != GNUTLS_E_SUCCESS0)
122 {
123 addf_gnutls_buffer_append_printf (str, "error: get_nonce: %s\n",
124 gnutls_strerror (ret));
125 }
126 else
127 {
128 addf_gnutls_buffer_append_printf (str, "\t\tNonce%s: ", critical ? " (critical)" : "");
129 _gnutls_buffer_hexprint (str, nonce.data, nonce.size);
130 adds_gnutls_buffer_append_str (str, "\n");
131 gnutls_free (nonce.data);
132 }
133 }
134 else
135 {
136 addf_gnutls_buffer_append_printf (str, "\t\tUnknown extension %s (%s):\n", oid.data,
137 critical ? "critical" : "not critical");
138
139 addf_gnutls_buffer_append_printf (str, _("\t\t\tASCII: ")dgettext ("gnutls", "\t\t\tASCII: "));
140 _gnutls_buffer_asciiprint (str, data.data, data.size);
141 addf_gnutls_buffer_append_printf (str, "\n");
142
143 addf_gnutls_buffer_append_printf (str, _("\t\t\tHexdump: ")dgettext ("gnutls", "\t\t\tHexdump: "));
144 _gnutls_buffer_hexprint (str, data.data, data.size);
145 adds_gnutls_buffer_append_str (str, "\n");
146 }
147
148 gnutls_free (oid.data);
149 gnutls_free (data.data);
150 }
151
152 /* XXX Signature */
153}
154
155/**
156 * gnutls_ocsp_req_print:
157 * @req: The structure to be printed
158 * @format: Indicate the format to use
159 * @out: Newly allocated datum with (0) terminated string.
160 *
161 * This function will pretty print a OCSP request, suitable for
162 * display to a human.
163 *
164 * If the format is %GNUTLS_PRINT_FULL then all fields of the request
165 * will be output, on multiple lines.
166 *
167 * The output @out->data needs to be deallocate using gnutls_free().
168 *
169 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
170 * negative error value.
171 **/
172int
173gnutls_ocsp_req_print (gnutls_ocsp_req_t req,
174 gnutls_ocsp_print_formats_t format,
175 gnutls_datum_t * out)
176{
177 gnutls_buffer_st str;
178 int rc;
179
180 if (format != GNUTLS_OCSP_PRINT_FULL)
181 {
182 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "ocsp_output.c",182); } while(0);;
183 return GNUTLS_E_INVALID_REQUEST-50;
184 }
185
186 _gnutls_buffer_init (&str);
187
188 _gnutls_buffer_append_str (&str, _("OCSP Request Information:\n")dgettext ("gnutls", "OCSP Request Information:\n"));
189
190 print_req (&str, req);
191
192 _gnutls_buffer_append_data (&str, "\0", 1);
193
194 rc = _gnutls_buffer_to_datum (&str, out);
195 if (rc != GNUTLS_E_SUCCESS0)
196 {
197 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "ocsp_output.c",197); } while(0);;
198 return rc;
199 }
200
201 return GNUTLS_E_SUCCESS0;
202}
203
204static void
205print_resp (gnutls_buffer_st * str, gnutls_ocsp_resp_t resp)
206{
207 int ret;
208 unsigned indx;
209
210 ret = gnutls_ocsp_resp_get_status (resp);
211 if (ret < 0)
212 {
213 addf_gnutls_buffer_append_printf (str, "error: ocsp_resp_get_status: %s\n",
214 gnutls_strerror (ret));
215 return;
216 }
217
218 adds_gnutls_buffer_append_str (str, "\tResponse Status: ");
219 switch (ret)
220 {
221 case GNUTLS_OCSP_RESP_SUCCESSFUL:
222 adds_gnutls_buffer_append_str (str, "Successful\n");
223 break;
224
225 case GNUTLS_OCSP_RESP_MALFORMEDREQUEST:
226 adds_gnutls_buffer_append_str (str, "malformedRequest\n");
227 return;
228
229 case GNUTLS_OCSP_RESP_INTERNALERROR:
230 adds_gnutls_buffer_append_str (str, "internalError\n");
231 return;
232
233 case GNUTLS_OCSP_RESP_TRYLATER:
234 adds_gnutls_buffer_append_str (str, "tryLater\n");
235 return;
236
237 case GNUTLS_OCSP_RESP_SIGREQUIRED:
238 adds_gnutls_buffer_append_str (str, "sigRequired\n");
239 return;
240
241 case GNUTLS_OCSP_RESP_UNAUTHORIZED:
242 adds_gnutls_buffer_append_str (str, "unauthorized\n");
243 return;
244
245 default:
246 adds_gnutls_buffer_append_str (str, "unknown\n");
247 return;
248 }
249
250 {
251 gnutls_datum_t oid;
252
253 ret = gnutls_ocsp_resp_get_response (resp, &oid, NULL((void*)0));
254 if (ret < 0)
255 {
256 addf_gnutls_buffer_append_printf (str, "error: get_response: %s\n", gnutls_strerror (ret));
257 return;
258 }
259
260 adds_gnutls_buffer_append_str (str, "\tResponse Type: ");
261#define OCSP_BASIC"1.3.6.1.5.5.7.48.1.1" "1.3.6.1.5.5.7.48.1.1"
262
263 if (oid.size == sizeof (OCSP_BASIC"1.3.6.1.5.5.7.48.1.1")
264 && memcmp (oid.data, OCSP_BASIC"1.3.6.1.5.5.7.48.1.1", oid.size) == 0)
265 {
266 adds_gnutls_buffer_append_str (str, "Basic OCSP Response\n");
267 gnutls_free (oid.data);
268 }
269 else
270 {
271 addf_gnutls_buffer_append_printf (str, "Unknown response type (%.*s)\n", oid.size, oid.data);
272 gnutls_free (oid.data);
273 return;
274 }
275 }
276
277 /* Version. */
278 {
279 int version = gnutls_ocsp_resp_get_version (resp);
280 if (version < 0)
281 addf_gnutls_buffer_append_printf (str, "error: get_version: %s\n", gnutls_strerror (version));
282 else
283 addf_gnutls_buffer_append_printf (str, _("\tVersion: %d\n")dgettext ("gnutls", "\tVersion: %d\n"), version);
284 }
285
286 /* responderID */
287 {
288 gnutls_datum_t dn;
289
290 /* XXX byKey */
291
292 ret = gnutls_ocsp_resp_get_responder (resp, &dn);
293 if (ret < 0)
294 addf_gnutls_buffer_append_printf (str, "error: get_dn: %s\n", gnutls_strerror (ret));
295 else
296 {
297 addf_gnutls_buffer_append_printf (str, _("\tResponder ID: %.*s\n")dgettext ("gnutls", "\tResponder ID: %.*s\n"), dn.size, dn.data);
298 gnutls_free (dn.data);
299 }
300 }
301
302 {
303 char s[42];
304 size_t max = sizeof (s);
305 struct tm t;
306 time_t tim = gnutls_ocsp_resp_get_produced (resp);
307
308 if (tim == (time_t) -1)
309 addf_gnutls_buffer_append_printf (str, "error: ocsp_resp_get_produced\n");
310 else if (gmtime_r (&tim, &t) == NULL((void*)0))
311 addf_gnutls_buffer_append_printf (str, "error: gmtime_r (%ld)\n", (unsigned long) tim);
312 else if (strftime (s, max, "%a %b %d %H:%M:%S UTC %Y", &t) == 0)
313 addf_gnutls_buffer_append_printf (str, "error: strftime (%ld)\n", (unsigned long) tim);
314 else
315 addf_gnutls_buffer_append_printf (str, _("\tProduced At: %s\n")dgettext ("gnutls", "\tProduced At: %s\n"), s);
316 }
317
318 addf_gnutls_buffer_append_printf (str, "\tResponses:\n");
319 for (indx = 0; ; indx++)
320 {
321 gnutls_digest_algorithm_t digest;
322 gnutls_datum_t in, ik, sn;
323 int cert_status;
324 time_t this_update;
325 time_t next_update;
326 time_t revocation_time;
327 int revocation_reason;
328
329 ret = gnutls_ocsp_resp_get_single (resp,
330 indx,
331 &digest, &in, &ik, &sn,
332 &cert_status,
333 &this_update,
334 &next_update,
335 &revocation_time,
336 &revocation_reason);
337 if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE-56)
338 break;
339 addf_gnutls_buffer_append_printf (str, "\t\tCertificate ID:\n");
340 if (ret != GNUTLS_E_SUCCESS0)
341 {
342 addf_gnutls_buffer_append_printf (str, "error: get_singleresponse: %s\n",
343 gnutls_strerror (ret));
344 continue;
345 }
346 addf_gnutls_buffer_append_printf (str, "\t\t\tHash Algorithm: %s\n",
347 _gnutls_digest_get_name (digest));
348
349 adds_gnutls_buffer_append_str (str, "\t\t\tIssuer Name Hash: ");
350 _gnutls_buffer_hexprint (str, in.data, in.size);
351 adds_gnutls_buffer_append_str (str, "\n");
352
353 adds_gnutls_buffer_append_str (str, "\t\t\tIssuer Key Hash: ");
354 _gnutls_buffer_hexprint (str, ik.data, ik.size);
355 adds_gnutls_buffer_append_str (str, "\n");
356
357 adds_gnutls_buffer_append_str (str, "\t\t\tSerial Number: ");
358 _gnutls_buffer_hexprint (str, sn.data, sn.size);
359 adds_gnutls_buffer_append_str (str, "\n");
360
361 gnutls_free (in.data);
362 gnutls_free (ik.data);
363 gnutls_free (sn.data);
364
365 {
366 const char *p = NULL((void*)0);
367
368 switch (cert_status)
369 {
370 case GNUTLS_OCSP_CERT_GOOD:
371 p = "good";
372 break;
373
374 case GNUTLS_OCSP_CERT_REVOKED:
375 p = "revoked";
376 break;
377
378 case GNUTLS_OCSP_CERT_UNKNOWN:
379 p = "unknown";
380 break;
381
382 default:
383 addf_gnutls_buffer_append_printf (str, "\t\tCertificate Status: unexpected value %d\n",
384 cert_status);
385 break;
386 }
387
388 if (p)
389 addf_gnutls_buffer_append_printf (str, "\t\tCertificate Status: %s\n", p);
390 }
391
392 /* XXX revocation reason */
393
394 if (cert_status == GNUTLS_OCSP_CERT_REVOKED)
395 {
396 char s[42];
397 size_t max = sizeof (s);
398 struct tm t;
399
400 if (revocation_time == (time_t) -1)
401 addf_gnutls_buffer_append_printf (str, "error: revocation_time\n");
402 else if (gmtime_r (&revocation_time, &t) == NULL((void*)0))
403 addf_gnutls_buffer_append_printf (str, "error: gmtime_r (%ld)\n",
404 (unsigned long) revocation_time);
405 else if (strftime (s, max, "%a %b %d %H:%M:%S UTC %Y", &t) == 0)
406 addf_gnutls_buffer_append_printf (str, "error: strftime (%ld)\n",
407 (unsigned long) revocation_time);
408 else
409 addf_gnutls_buffer_append_printf (str, _("\t\tRevocation time: %s\n")dgettext ("gnutls", "\t\tRevocation time: %s\n"), s);
410 }
411
412 {
413 char s[42];
414 size_t max = sizeof (s);
415 struct tm t;
416
417 if (this_update == (time_t) -1)
418 addf_gnutls_buffer_append_printf (str, "error: this_update\n");
419 else if (gmtime_r (&this_update, &t) == NULL((void*)0))
420 addf_gnutls_buffer_append_printf (str, "error: gmtime_r (%ld)\n", (unsigned long) this_update);
421 else if (strftime (s, max, "%a %b %d %H:%M:%S UTC %Y", &t) == 0)
422 addf_gnutls_buffer_append_printf (str, "error: strftime (%ld)\n", (unsigned long) this_update);
423 else
424 addf_gnutls_buffer_append_printf (str, _("\t\tThis Update: %s\n")dgettext ("gnutls", "\t\tThis Update: %s\n"), s);
425 }
426
427 {
428 char s[42];
429 size_t max = sizeof (s);
430 struct tm t;
431
432 if (next_update == (time_t) -1)
433 addf_gnutls_buffer_append_printf (str, "error: next_update\n");
434 else if (gmtime_r (&next_update, &t) == NULL((void*)0))
435 addf_gnutls_buffer_append_printf (str, "error: gmtime_r (%ld)\n", (unsigned long) next_update);
436 else if (strftime (s, max, "%a %b %d %H:%M:%S UTC %Y", &t) == 0)
437 addf_gnutls_buffer_append_printf (str, "error: strftime (%ld)\n", (unsigned long) next_update);
438 else
439 addf_gnutls_buffer_append_printf (str, _("\t\tNext Update: %s\n")dgettext ("gnutls", "\t\tNext Update: %s\n"), s);
440 }
441
442 /* XXX singleRequestExtensions */
443 }
444
445 adds_gnutls_buffer_append_str (str, "\tExtensions:\n");
446 for (indx = 0; ; indx++)
447 {
448 gnutls_datum_t oid;
449 unsigned int critical;
450 gnutls_datum_t data;
451
452 ret = gnutls_ocsp_resp_get_extension (resp, indx, &oid, &critical, &data);
453 if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE-56)
454 break;
455 else if (ret != GNUTLS_E_SUCCESS0)
456 {
457 addf_gnutls_buffer_append_printf (str, "error: get_extension: %s\n",
458 gnutls_strerror (ret));
459 continue;
460 }
461
462 if (memcmp (oid.data, GNUTLS_OCSP_NONCE"1.3.6.1.5.5.7.48.1.2", oid.size) == 0)
463 {
464 gnutls_datum_t nonce;
465 unsigned int critical;
466
467 ret = gnutls_ocsp_resp_get_nonce (resp, &critical, &nonce);
468 if (ret != GNUTLS_E_SUCCESS0)
469 {
470 addf_gnutls_buffer_append_printf (str, "error: get_nonce: %s\n",
471 gnutls_strerror (ret));
472 }
473 else
474 {
475 addf_gnutls_buffer_append_printf (str, "\t\tNonce%s: ", critical ? " (critical)" : "");
476 _gnutls_buffer_hexprint (str, nonce.data, nonce.size);
477 adds_gnutls_buffer_append_str (str, "\n");
478 gnutls_free (nonce.data);
479 }
480 }
481 else
482 {
483 addf_gnutls_buffer_append_printf (str, "\t\tUnknown extension %s (%s):\n", oid.data,
484 critical ? "critical" : "not critical");
485
486 addf_gnutls_buffer_append_printf (str, _("\t\t\tASCII: ")dgettext ("gnutls", "\t\t\tASCII: "));
487 _gnutls_buffer_asciiprint (str, data.data, data.size);
488 addf_gnutls_buffer_append_printf (str, "\n");
489
490 addf_gnutls_buffer_append_printf (str, _("\t\t\tHexdump: ")dgettext ("gnutls", "\t\t\tHexdump: "));
491 _gnutls_buffer_hexprint (str, data.data, data.size);
492 adds_gnutls_buffer_append_str (str, "\n");
493 }
494
495 gnutls_free (oid.data);
496 gnutls_free (data.data);
497 }
498
499 /* Signature. */
500 {
501 gnutls_datum_t sig;
502
503 ret = gnutls_ocsp_resp_get_signature_algorithm (resp);
504 if (ret < 0)
505 addf_gnutls_buffer_append_printf (str, "retor: get_signature_algorithm: %s\n",
506 gnutls_strerror (ret));
507 else
508 {
509 const char *name = gnutls_sign_algorithm_get_namegnutls_sign_get_name (ret);
510 if (name == NULL((void*)0))
511 name = _("unknown")dgettext ("gnutls", "unknown");
512 addf_gnutls_buffer_append_printf (str, _("\tSignature Algorithm: %s\n")dgettext ("gnutls", "\tSignature Algorithm: %s\n"), name);
513 }
514 if (ret == GNUTLS_SIGN_RSA_MD5 || ret == GNUTLS_SIGN_RSA_MD2)
515 {
516 adds_gnutls_buffer_append_str (str, _("warning: signed using a broken signature "dgettext ("gnutls", "warning: signed using a broken signature "
"algorithm that can be forged.\n")
517 "algorithm that can be forged.\n")dgettext ("gnutls", "warning: signed using a broken signature "
"algorithm that can be forged.\n"));
518 }
519
520 ret = gnutls_ocsp_resp_get_signature (resp, &sig);
521 if (ret < 0)
522 addf_gnutls_buffer_append_printf (str, "error: get_signature: %s\n", gnutls_strerror (ret));
523 else
524 {
525 adds_gnutls_buffer_append_str (str, _("\tSignature:\n")dgettext ("gnutls", "\tSignature:\n"));
526 _gnutls_buffer_hexdump (str, sig.data, sig.size, "\t\t");
527
528 gnutls_free (sig.data);
529 }
530 }
531
532 /* certs */
533 {
534 gnutls_x509_crt_t *certs;
535 size_t ncerts, i;
536 gnutls_datum_t out;
537
538 ret = gnutls_ocsp_resp_get_certs (resp, &certs, &ncerts);
539 if (ret < 0)
540 addf_gnutls_buffer_append_printf (str, "error: get_certs: %s\n", gnutls_strerror (ret));
541 else
542 {
543 for (i = 0; i < ncerts; i++)
544 {
545 size_t s = 0;
546
547 ret = gnutls_x509_crt_print (certs[i], GNUTLS_CRT_PRINT_FULL,
548 &out);
549 if (ret < 0)
550 addf_gnutls_buffer_append_printf (str, "error: crt_print: %s\n", gnutls_strerror (ret));
551 else
552 {
553 addf_gnutls_buffer_append_printf (str, "%.*s", out.size, out.data);
554 gnutls_free (out.data);
555 }
556
557 ret = gnutls_x509_crt_export (certs[i], GNUTLS_X509_FMT_PEM,
558 NULL((void*)0), &s);
559 if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER-51)
560 addf_gnutls_buffer_append_printf (str, "error: crt_export: %s\n", gnutls_strerror (ret));
561 else
562 {
563 out.data = gnutls_malloc (s);
564 if (out.data == NULL((void*)0))
565 addf_gnutls_buffer_append_printf (str, "error: malloc: %s\n",
566 gnutls_strerror (GNUTLS_E_MEMORY_ERROR-25));
567 else
568 {
569 ret = gnutls_x509_crt_export (certs[i], GNUTLS_X509_FMT_PEM,
Value stored to 'ret' is never read
570 out.data, &s);
571 out.size = s;
572 addf_gnutls_buffer_append_printf (str, "%.*s", out.size, out.data);
573 gnutls_free (out.data);
574 }
575 }
576
577 gnutls_x509_crt_deinit (certs[i]);
578 }
579 gnutls_free (certs);
580 }
581 }
582}
583
584/**
585 * gnutls_ocsp_resp_print:
586 * @resp: The structure to be printed
587 * @format: Indicate the format to use
588 * @out: Newly allocated datum with (0) terminated string.
589 *
590 * This function will pretty print a OCSP response, suitable for
591 * display to a human.
592 *
593 * If the format is %GNUTLS_PRINT_FULL then all fields of the response
594 * will be output, on multiple lines.
595 *
596 * The output @out->data needs to be deallocate using gnutls_free().
597 *
598 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
599 * negative error value.
600 **/
601int
602gnutls_ocsp_resp_print (gnutls_ocsp_resp_t resp,
603 gnutls_ocsp_print_formats_t format,
604 gnutls_datum_t * out)
605{
606 gnutls_buffer_st str;
607 int rc;
608
609 if (format != GNUTLS_OCSP_PRINT_FULL)
610 {
611 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "ocsp_output.c",611); } while(0);;
612 return GNUTLS_E_INVALID_REQUEST-50;
613 }
614
615 _gnutls_buffer_init (&str);
616
617 _gnutls_buffer_append_str (&str, _("OCSP Response Information:\n")dgettext ("gnutls", "OCSP Response Information:\n"));
618
619 print_resp (&str, resp);
620
621 _gnutls_buffer_append_data (&str, "\0", 1);
622
623 rc = _gnutls_buffer_to_datum (&str, out);
624 if (rc != GNUTLS_E_SUCCESS0)
625 {
626 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "ocsp_output.c",626); } while(0);;
627 return rc;
628 }
629
630 return GNUTLS_E_SUCCESS0;
631}