commons-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mt...@apache.org
Subject svn commit: r1172566 - in /commons/sandbox/runtime/trunk/src/main/native/modules/openssl: api.c cert.c key.c
Date Mon, 19 Sep 2011 10:59:08 GMT
Author: mturk
Date: Mon Sep 19 10:59:08 2011
New Revision: 1172566

URL: http://svn.apache.org/viewvc?rev=1172566&view=rev
Log:
Add limited support for UNDEF key or cert format

Modified:
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/key.c

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c?rev=1172566&r1=1172565&r2=1172566&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c Mon Sep 19 10:59:08
2011
@@ -122,6 +122,7 @@ struct SSLAPIst {
     unsigned long       (*fpERR_get_error)(void);
     void                (*fpERR_load_crypto_strings)(void);
     unsigned long       (*fpERR_peek_error)(void);
+    unsigned long       (*fpERR_peek_last_error)(void);
     void                (*fpERR_put_error)(int, int, int, const char *, int);
 
     /*** EVP      ***/
@@ -212,6 +213,7 @@ struct SSLAPIst {
     void                (*fpX509_free)(X509 *);
     void                (*fpX509_STORE_free)(X509_STORE *);
     int                 (*fpX509_STORE_set_flags)(X509_STORE *, unsigned long);
+    int                 (*fpX509_STORE_load_locations)(X509_STORE *, const char *, const
char *);    
     X509*               (*fpd2i_X509_bio)(BIO *, X509 **);
 
     /*** _STACK   ***/
@@ -353,6 +355,7 @@ ACR_JNI_EXPORT(jboolean, Native, ldopens
     CRYPTO_FPLOAD(ERR_get_error);
     CRYPTO_FPLOAD(ERR_load_crypto_strings);
     CRYPTO_FPLOAD(ERR_peek_error);
+    CRYPTO_FPLOAD(ERR_peek_last_error);
     CRYPTO_FPLOAD(ERR_put_error);
 
     /*** EVP      ***/
@@ -397,6 +400,7 @@ ACR_JNI_EXPORT(jboolean, Native, ldopens
     CRYPTO_FPLOAD(X509_free);
     CRYPTO_FPLOAD(X509_STORE_free);
     CRYPTO_FPLOAD(X509_STORE_set_flags);
+    CRYPTO_FPLOAD(X509_STORE_load_locations);
     CRYPTO_FPLOAD(d2i_X509_bio);
     /*** _STACK   ***/
     CRYPTO_FPLOAD(sk_pop_free);
@@ -688,6 +692,11 @@ unsigned long ERR_peek_error(void)
     return SSLAPI_CALL(ERR_peek_error)();
 }
 
+unsigned long ERR_peek_last_error(void)
+{
+    return SSLAPI_CALL(ERR_peek_last_error)();
+}
+
 void ERR_put_error(int lib, int func, int reason, const char *file, int line)
 {
     SSLAPI_CALL(ERR_put_error)(lib, func, reason, file, line);
@@ -981,6 +990,12 @@ int X509_STORE_set_flags(X509_STORE *ctx
     return SSLAPI_CALL(X509_STORE_set_flags)(ctx, flags);
 }
 
+int X509_STORE_load_locations (X509_STORE *ctx,
+                               const char *file, const char *dir)
+{
+    return SSLAPI_CALL(X509_STORE_load_locations)(ctx, file, dir);
+}
+
 void sk_pop_free(SSLAPI_STACK *st, void (*func)(void *))
 {
     SSLAPI_CALL(sk_pop_free)(st, func);

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c?rev=1172566&r1=1172565&r2=1172566&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c Mon Sep 19 10:59:08
2011
@@ -44,7 +44,17 @@ static X509 *load_cert(ssl_pass_cb_t *pa
         else
             password_callback->desc = file;
     }
-    if (format == SSL_CRT_FORMAT_PEM) {
+    if (format == SSL_CRT_FORMAT_UNDEF) {
+        cert = PEM_read_bio_X509_AUX(bio, 0,
+                                     ssl_password_callback,
+                                     password_callback);
+        if (cert == 0 && ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE)
{
+            ERR_clear_error();
+            BIO_ctrl(bio, BIO_CTRL_RESET, 0, 0);
+            cert = d2i_X509_bio(bio, 0);
+        }        
+    }
+    else if (format == SSL_CRT_FORMAT_PEM) {
         cert = PEM_read_bio_X509_AUX(bio, 0,
                                      ssl_password_callback,
                                      password_callback);
@@ -56,6 +66,9 @@ static X509 *load_cert(ssl_pass_cb_t *pa
         if (!ssl_load_pkcs12(bio, 0, 0, &cert, 0))
             cert = 0;
     }
+    else {
+        /* TODO: Setup unsupported error */
+    }
     BIO_free(bio);
     return cert;
 }

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/key.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/key.c?rev=1172566&r1=1172565&r2=1172566&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/key.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/key.c Mon Sep 19 10:59:08
2011
@@ -44,7 +44,17 @@ static EVP_PKEY *load_key(ssl_pass_cb_t 
         else
             password_callback->desc = file;
     }
-    if (format == SSL_KEY_FORMAT_ASN1) {
+    if (format == SSL_KEY_FORMAT_UNDEF) {
+        key = PEM_read_bio_PrivateKey(bio, 0,
+                                      ssl_password_callback,
+                                      password_callback);
+        if (key == 0) {
+            ERR_clear_error();
+            BIO_ctrl(bio, BIO_CTRL_RESET, 0, 0);
+            key = d2i_PrivateKey_bio(bio, 0);
+        }
+    }
+    else if (format == SSL_KEY_FORMAT_ASN1) {
         key = d2i_PrivateKey_bio(bio, 0);
     }
     else if (format == SSL_KEY_FORMAT_PEM) {
@@ -57,6 +67,9 @@ static EVP_PKEY *load_key(ssl_pass_cb_t 
                              &key, 0, 0))
             key = 0;
     }
+    else {
+        /* TODO: Setup unsupported error */
+    }
     BIO_free(bio);
     return key;
 }



Mime
View raw message