Changeset 2b76a9c in mod_gnutls for src/gnutls_hooks.c
- Timestamp:
- Jan 29, 2013, 3:41:38 PM (8 years ago)
- Branches:
- asyncio, debian/master, debian/stretch-backports, jessie-backports, master, msva, proxy-ticket, upstream
- Children:
- b8df283
- Parents:
- 303dc6e
- git-author:
- Daniel Kahn Gillmor <dkg@…> (01/25/13 06:36:51)
- git-committer:
- Daniel Kahn Gillmor <dkg@…> (01/29/13 15:41:38)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
src/gnutls_hooks.c
r303dc6e r2b76a9c 382 382 #endif 383 383 384 if (sc->certs_x509_chain == NULL && sc->cert_pgp == NULL && sc->enabled == GNUTLS_ENABLED_TRUE) { 384 if ((sc->certs_x509_chain == NULL || sc->certs_x509_chain_num < 1) && 385 sc->cert_pgp == NULL && sc->enabled == GNUTLS_ENABLED_TRUE) { 385 386 ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, s, 386 387 "[GnuTLS] - Host '%s:%d' is missing a Certificate File!", … … 389 390 } 390 391 391 if (sc->enabled == GNUTLS_ENABLED_TRUE && ((sc->certs_x509_chain != NULL && sc->privkey_x509 == NULL) || (sc->cert_pgp != NULL && sc->privkey_pgp == NULL))) { 392 if (sc->enabled == GNUTLS_ENABLED_TRUE && 393 ((sc->certs_x509_chain != NULL && sc->certs_x509_chain_num > 0 && sc->privkey_x509 == NULL) || 394 (sc->cert_pgp != NULL && sc->privkey_pgp == NULL))) { 392 395 ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, s, 393 396 "[GnuTLS] - Host '%s:%d' is missing a Private Key File!", … … 397 400 398 401 if (sc->enabled == GNUTLS_ENABLED_TRUE) { 399 rv = read_crt_cn(s, p, sc->certs_x509_chain[sc->certs_x509_chain_num-1], &sc->cert_cn); 402 rv = -1; 403 if (sc->certs_x509_chain_num > 0) { 404 rv = read_crt_cn(s, p, sc->certs_x509_chain[0], &sc->cert_cn); 405 } 400 406 if (rv < 0 && sc->cert_pgp != NULL) { 401 407 rv = read_pgpcrt_cn(s, p, sc->cert_pgp, &sc->cert_cn); … … 547 553 } 548 554 549 int ret = gnutls_x509_crt_check_hostname(tsc->certs_x509_chain[ tsc->certs_x509_chain_num-1], s->server_hostname);555 int ret = gnutls_x509_crt_check_hostname(tsc->certs_x509_chain[0], s->server_hostname); 550 556 if (0 == ret) 551 557 ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, … … 754 760 755 761 if (gnutls_certificate_type_get(ctxt->session) == GNUTLS_CRT_X509) { 756 mgs_add_common_cert_vars(r, ctxt->sc->certs_x509_chain[ ctxt->sc->certs_x509_chain_num], 0);762 mgs_add_common_cert_vars(r, ctxt->sc->certs_x509_chain[0], 0); 757 763 } else if (gnutls_certificate_type_get(ctxt->session) == GNUTLS_CRT_OPENPGP) { 758 764 mgs_add_common_pgpcert_vars(r, ctxt->sc->cert_pgp, 0);
Note: See TracChangeset
for help on using the changeset viewer.