Changeset 5e81262 in mod_gnutls for src


Ignore:
Timestamp:
Dec 8, 2007, 11:07:12 AM (15 years ago)
Author:
Nokis Mavrogiannopoulos <nmav@…>
Branches:
asyncio, debian/master, debian/stretch-backports, jessie-backports, main, master, msva, proxy-ticket, upstream
Children:
ae4a2b0
Parents:
3b83e00
git-author:
Nikos Mavrogiannopoulos <nmav@…> (12/08/07 11:07:12)
git-committer:
Nokis Mavrogiannopoulos <nmav@…> (12/08/07 11:07:12)
Message:

Added support for sending more than one certificate.

Location:
src
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • src/gnutls_config.c

    r3b83e00 r5e81262  
    152152    }
    153153
    154     ret = gnutls_x509_crt_init(&sc->cert_x509);
    155     if (ret < 0) {
    156         return apr_psprintf(parms->pool, "GnuTLS: Failed to initialize"
    157                             ": (%d) %s", ret, gnutls_strerror(ret));
    158     }
    159 
     154    sc->certs_x509_num = MAX_CHAIN_SIZE;
    160155    ret =
    161         gnutls_x509_crt_import(sc->cert_x509, &data, GNUTLS_X509_FMT_PEM);
    162     if (ret != 0) {
     156        gnutls_x509_crt_list_import(sc->certs_x509, &sc->certs_x509_num, &data, GNUTLS_X509_FMT_PEM, 0);
     157    if (ret < 0) {
    163158        return apr_psprintf(parms->pool, "GnuTLS: Failed to Import "
    164159                            "Certificate '%s': (%d) %s", file, ret,
     
    441436    sc->srp_tpasswd_file = NULL;
    442437    sc->privkey_x509 = NULL;
    443     sc->cert_x509 = NULL;
     438    memset( sc->certs_x509, 0, sizeof(sc->certs_x509));
     439    sc->certs_x509_num = 0;
    444440    sc->cache_timeout = apr_time_from_sec(300);
    445441    sc->cache_type = mgs_cache_dbm;

  • src/gnutls_hooks.c

    r3b83e00 r5e81262  
    149149
    150150    ret->type = GNUTLS_CRT_X509;
    151     ret->ncerts = 1;
     151    ret->ncerts = ctxt->sc->certs_x509_num;
    152152    ret->deinit_all = 0;
    153153
    154     ret->cert.x509 = &ctxt->sc->cert_x509;
     154    ret->cert.x509 = ctxt->sc->certs_x509;
    155155    ret->key.x509 = ctxt->sc->privkey_x509;
    156156    return 0;
     
    335335            }
    336336
    337             if (sc->cert_x509 == NULL
     337            if (sc->certs_x509[0] == NULL
    338338                && sc->enabled == GNUTLS_ENABLED_TRUE) {
    339339                ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
     
    354354
    355355            if (sc->enabled == GNUTLS_ENABLED_TRUE) {
    356                 rv = read_crt_cn(s, p, sc->cert_x509, &sc->cert_cn);
     356                rv = read_crt_cn(s, p, sc->certs_x509[0], &sc->cert_cn);
    357357                if (rv < 0) {
    358358                    ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
     
    687687    apr_table_setn(env, "SSL_SESSION_ID", apr_pstrdup(r->pool, tmp));
    688688
    689     mgs_add_common_cert_vars(r, ctxt->sc->cert_x509, 0,
     689    mgs_add_common_cert_vars(r, ctxt->sc->certs_x509[0], 0,
    690690                             ctxt->sc->export_certificates_enabled);
    691691
Note: See TracChangeset for help on using the changeset viewer.