![(please configure the [header_logo] section in trac.ini)](/repos/chrome/site/pj.jpg)
Changeset 5821 for pjproject/trunk/pjlib/src/pj/ssl_sock_gtls.c
- Timestamp:
- Jul 15, 2018 2:09:23 PM (6 years ago)
- File:
-
- 1 edited
-
pjproject/trunk/pjlib/src/pj/ssl_sock_gtls.c (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
-
pjproject/trunk/pjlib/src/pj/ssl_sock_gtls.c
r5730 r5821 190 190 }; 191 191 192 193 /* Certificate/credential structure definition. */ 194 struct pj_ssl_cert_t { 192 /* 193 * Certificate/credential structure definition. 194 */ 195 struct pj_ssl_cert_t 196 { 195 197 pj_str_t CA_file; 196 198 pj_str_t CA_path; … … 198 200 pj_str_t privkey_file; 199 201 pj_str_t privkey_pass; 202 203 /* Certificate buffer. */ 204 pj_ssl_cert_buffer CA_buf; 205 pj_ssl_cert_buffer cert_buf; 206 pj_ssl_cert_buffer privkey_buf; 200 207 }; 208 201 209 202 210 /* GnuTLS available ciphers */ … … 982 990 goto out; 983 991 } 992 993 if (cert->CA_buf.slen) { 994 gnutls_datum_t ca; 995 ca.data = (unsigned char*)cert->CA_buf.ptr; 996 ca.size = cert->CA_buf.slen; 997 ret = gnutls_certificate_set_x509_trust_mem(ssock->xcred, 998 &ca, 999 GNUTLS_X509_FMT_PEM); 1000 if (ret < 0) 1001 ret = gnutls_certificate_set_x509_trust_mem( 1002 ssock->xcred, &ca, GNUTLS_X509_FMT_DER); 1003 if (ret < 0) 1004 goto out; 1005 } 1006 1007 if (cert->cert_buf.slen && cert->privkey_buf.slen) { 1008 gnutls_datum_t cert_buf; 1009 gnutls_datum_t privkey_buf; 1010 1011 cert_buf.data = (unsigned char*)cert->CA_buf.ptr; 1012 cert_buf.size = cert->CA_buf.slen; 1013 privkey_buf.data = (unsigned char*)cert->privkey_buf.ptr; 1014 privkey_buf.size = cert->privkey_buf.slen; 1015 1016 const char *prikey_pass = cert->privkey_pass.slen 1017 ? cert->privkey_pass.ptr 1018 : NULL; 1019 ret = gnutls_certificate_set_x509_key_mem2(ssock->xcred, 1020 &cert_buf, 1021 &privkey_buf, 1022 GNUTLS_X509_FMT_PEM, 1023 prikey_pass, 1024 0); 1025 /* Load DER format */ 1026 /* 1027 if (ret != GNUTLS_E_SUCCESS) 1028 ret = gnutls_certificate_set_x509_key_mem2(ssock->xcred, 1029 &cert_buf, 1030 &privkey_buf, 1031 GNUTLS_X509_FMT_DER, 1032 prikey_pass, 1033 0); 1034 */ 1035 if (ret < 0) 1036 goto out; 1037 } 984 1038 } 985 1039 … … 2090 2144 } 2091 2145 2146 PJ_DEF(pj_status_t) pj_ssl_cert_load_from_buffer(pj_pool_t *pool, 2147 const pj_ssl_cert_buffer *CA_buf, 2148 const pj_ssl_cert_buffer *cert_buf, 2149 const pj_ssl_cert_buffer *privkey_buf, 2150 const pj_str_t *privkey_pass, 2151 pj_ssl_cert_t **p_cert) 2152 { 2153 pj_ssl_cert_t *cert; 2154 2155 PJ_ASSERT_RETURN(pool && CA_buf && cert_buf && privkey_buf, PJ_EINVAL); 2156 2157 cert = PJ_POOL_ZALLOC_T(pool, pj_ssl_cert_t); 2158 pj_strdup(pool, &cert->CA_buf, CA_buf); 2159 pj_strdup(pool, &cert->cert_buf, cert_buf); 2160 pj_strdup(pool, &cert->privkey_buf, privkey_buf); 2161 pj_strdup_with_null(pool, &cert->privkey_pass, privkey_pass); 2162 2163 *p_cert = cert; 2164 2165 return PJ_SUCCESS; 2166 } 2167 2092 2168 /* Store credentials. */ 2093 2169 PJ_DEF(pj_status_t) pj_ssl_sock_set_certificate( pj_ssl_sock_t *ssock, … … 2106 2182 pj_strdup_with_null(pool, &cert_->privkey_file, &cert->privkey_file); 2107 2183 pj_strdup_with_null(pool, &cert_->privkey_pass, &cert->privkey_pass); 2184 2185 pj_strdup(pool, &cert_->CA_buf, &cert->CA_buf); 2186 pj_strdup(pool, &cert_->cert_buf, &cert->cert_buf); 2187 pj_strdup(pool, &cert_->privkey_buf, &cert->privkey_buf); 2108 2188 2109 2189 ssock->cert = cert_;
Note: See TracChangeset
for help on using the changeset viewer.
