Changeset a01f8ab in mod_gnutls for src


Timestamp:
Nov 16, 2013, 2:46:50 AM (6 years ago)
Author:
Daniel Kahn Gillmor <dkg@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, upstream
Children:
b55bf71
Parents:
832182b
git-author:
Daniel Kahn Gillmor <dkg@…> (02/03/13 09:58:35)
git-committer:
Daniel Kahn Gillmor <dkg@…> (11/16/13 02:46:50)
Message:

upgrade to libmsv 0.1 API

File:
1 edited

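--- a/src/gnutls_hooks.c
+++ b/src/gnutls_hooks.c
@@ -1195,5 +1195,7 @@
         case mgs_cvm_msva:
         {
-            struct msv_response resp;
+            struct msv_response* resp = NULL;
+            struct msv_query q = { .context="https", .peertype="client", .pkctype="x509pem" };
+            msv_ctxt_t ctx = msv_ctxt_init(NULL);
             char cert_pem_buf[10 * 1024];
             size_t len = sizeof (cert_pem_buf);
@@ -1201,29 +1203,17 @@
             rv = 0;
             if (gnutls_x509_crt_export(cert.x509[0], GNUTLS_X509_FMT_PEM, cert_pem_buf, &len) >= 0) {
-                char cert_pem_buf2[10*1024];
-                char* tokstate;
-                char* ptr = cert_pem_buf;
-                char* outptr = cert_pem_buf2;
-                const char* candidate = mgs_x509_construct_uid(r, cert.x509[0]);
-                /* convert PEM to JSON-friendly string by escaping all newlines
-                   (this should really be done within libmsv) */
-                ptr = apr_strtok(ptr, "\n", &tokstate);
-                do {
-                    outptr = apr_cpystrn(outptr, ptr, (cert_pem_buf2 + sizeof(cert_pem_buf2) - outptr));
-                    outptr = apr_cpystrn(outptr, "\\n", (cert_pem_buf2 + sizeof(cert_pem_buf2) - outptr));
-                    ptr = apr_strtok(NULL, "\n", &tokstate);
-                } while (ptr);
-               
                 /* FIXME : put together a name from the cert we received, instead of hard-coding this value: */
-                rv = msv_query_agent(NULL, "https", "client", candidate, "x509pem", cert_pem_buf2, &resp);
+                q.peername = mgs_x509_construct_uid(r, cert.x509[0]);
+                q.pkcdata = cert_pem_buf;
+                rv = msv_query_agent(ctx, q, &resp);
                 if (rv == LIBMSV_ERROR_SUCCESS) {
                     status = 0;
                 } else if (rv == LIBMSV_ERROR_INVALID) {
                     ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
-                                  "GnuTLS: Monkeysphere validation failed: (message: %s)", resp.message);
+                                  "GnuTLS: Monkeysphere validation failed: (message: %s)", resp->message);
                     status = GNUTLS_CERT_INVALID;
                 } else {
                     ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
-                                  "GnuTLS: Error communicating with the Monkeysphere Validation Agent: (%d) %s", rv, msv_strerror(rv));
+                                  "GnuTLS: Error communicating with the Monkeysphere Validation Agent: (%d) %s", rv, msv_strerror(ctx, rv));
                     status = GNUTLS_CERT_INVALID;
                     rv = -1;
@@ -1235,4 +1225,6 @@
                 rv = GNUTLS_E_ASN1_ELEMENT_NOT_FOUND;
             }
+            msv_response_destroy(resp);
+            msv_ctxt_destroy(ctx);
         }
             break;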
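Review bot: `resp` now starts as NULL, yet it is dereferenced as `resp->message` in the LIBMSV_ERROR_INVALID branch (new line 1213) and passed to `msv_response_destroy(resp)` at new line 1227 even when `gnutls_x509_crt_export` fails and no query was made. Nothing visible here shows that libmsv always fills it in or tolerates NULL, so a NULL dereference in the client-certificate verification path cannot be ruled out. Unless the libmsv 0.1 documentation states both are NULL-safe, I would log `resp ? resp->message : "(no response)"` and guard the cleanup with `if (resp) msv_response_destroy(resp);`. The result of `msv_ctxt_init(NULL)` at new line 1199 is likewise used unchecked by `msv_query_agent`, `msv_strerror` and `msv_ctxt_destroy`, although the error branches do fail closed with GNUTLS_CERT_INVALID. The FIXME at new line 1205 looks stale because the peer name comes from `mgs_x509_construct_uid`; the enclosing function and new lines 1220–1224 are outside the shown hunks.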