Changeset 6053
- Timestamp:
- Aug 28, 2019 9:32:26 AM (5 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
pjproject/trunk/pjlib/src/pj/ssl_sock_ossl.c
r6052 r6053 701 701 } 702 702 703 static int xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b) { 704 return X509_NAME_cmp(*a, *b); 705 } 703 706 704 707 /* Create and initialize new SSL context and instance */ … … 1065 1068 */ 1066 1069 if (cert && ssock->is_server) { 1067 STACK_OF(X509_NAME) *ca_dn = NULL; 1068 1069 if (cert->CA_file.slen > 0) { 1070 ca_dn = SSL_load_client_CA_file(cert->CA_file.ptr); 1071 } else if (cert->CA_buf.slen > 0) { 1072 X509 *x = NULL; 1073 X509_NAME *xn = NULL; 1074 STACK_OF(X509_NAME) *sk = NULL; 1075 BIO *bio = BIO_new_mem_buf((void*)cert->CA_buf.ptr, 1076 cert->CA_buf.slen); 1077 1078 sk = sk_X509_NAME_new((sk_X509_NAME_compfunc)X509_NAME_cmp); 1079 1080 if (sk != NULL && bio != NULL) { 1081 for (;;) { 1082 if (PEM_read_bio_X509(bio, &x, NULL, NULL) == NULL) 1083 break; 1084 1085 if (ca_dn == NULL) { 1086 ca_dn = sk_X509_NAME_new_null(); 1087 1088 if (ca_dn == NULL) 1089 break; 1090 } 1091 1092 if ((xn = X509_get_subject_name(x)) == NULL) 1093 break; 1094 1095 if ((xn = X509_NAME_dup(xn)) == NULL ) 1096 break; 1097 1098 if (sk_X509_NAME_find(sk, xn) >= 0) { 1099 X509_NAME_free(xn); 1100 } else { 1101 sk_X509_NAME_push(sk, xn); 1102 sk_X509_NAME_push(ca_dn, xn); 1103 } 1104 } 1105 } 1106 if (sk != NULL) 1107 sk_X509_NAME_free(sk); 1108 if (bio != NULL) 1109 BIO_free(bio); 1110 } 1111 1112 if (ca_dn != NULL) 1113 SSL_CTX_set_client_CA_list(ctx, ca_dn); 1070 STACK_OF(X509_NAME) *ca_dn = NULL; 1071 1072 if (cert->CA_file.slen > 0) { 1073 ca_dn = SSL_load_client_CA_file(cert->CA_file.ptr); 1074 } else if (cert->CA_buf.slen > 0) { 1075 X509 *x = NULL; 1076 X509_NAME *xn = NULL; 1077 STACK_OF(X509_NAME) *sk = NULL; 1078 BIO *new_bio = BIO_new_mem_buf((void*)cert->CA_buf.ptr, 1079 cert->CA_buf.slen); 1080 1081 sk = sk_X509_NAME_new(xname_cmp); 1082 1083 if (sk != NULL && new_bio != NULL) { 1084 for (;;) { 1085 if (PEM_read_bio_X509(new_bio, &x, NULL, NULL) == NULL) 1086 break; 1087 1088 if ((xn = X509_get_subject_name(x)) == NULL) 1089 break; 1090 1091 if ((xn = X509_NAME_dup(xn)) == NULL ) 1092 break; 1093 1094 if (sk_X509_NAME_find(sk, xn) >= 0) { 1095 X509_NAME_free(xn); 1096 } else { 1097 sk_X509_NAME_push(sk, xn); 1098 } 1099 X509_free(x); 1100 x = NULL; 1101 } 1102 } 1103 if (sk != NULL) 1104 ca_dn = sk; 1105 if (new_bio != NULL) 1106 BIO_free(new_bio); 1107 } 1108 1109 if (ca_dn != NULL) 1110 SSL_CTX_set_client_CA_list(ctx, ca_dn); 1114 1111 } 1115 1112
Note: See TracChangeset
for help on using the changeset viewer.