Author: mturk
Date: Mon Sep 19 10:59:08 2011
New Revision: 1172566
URL: http://svn.apache.org/viewvc?rev=1172566&view=rev
Log:
Add limited support for UNDEF key or cert format
Modified:
commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c
commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c
commons/sandbox/runtime/trunk/src/main/native/modules/openssl/key.c
Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c
URL:
http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c?rev=1172566&r1=1172565&r2=1172566&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c
(original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c Mon Sep
19 10:59:08 2011
@@ -122,6 +122,7 @@ struct SSLAPIst {
unsigned long (*fpERR_get_error)(void);
void (*fpERR_load_crypto_strings)(void);
unsigned long (*fpERR_peek_error)(void);
+ unsigned long (*fpERR_peek_last_error)(void);
void (*fpERR_put_error)(int, int, int, const char *, int);
/*** EVP ***/
@@ -212,6 +213,7 @@ struct SSLAPIst {
void (*fpX509_free)(X509 *);
void (*fpX509_STORE_free)(X509_STORE *);
int (*fpX509_STORE_set_flags)(X509_STORE *, unsigned long);
+ int (*fpX509_STORE_load_locations)(X509_STORE *, const
char *, const char *);
X509* (*fpd2i_X509_bio)(BIO *, X509 **);
/*** _STACK ***/
@@ -353,6 +355,7 @@ ACR_JNI_EXPORT(jboolean, Native, ldopens
CRYPTO_FPLOAD(ERR_get_error);
CRYPTO_FPLOAD(ERR_load_crypto_strings);
CRYPTO_FPLOAD(ERR_peek_error);
+ CRYPTO_FPLOAD(ERR_peek_last_error);
CRYPTO_FPLOAD(ERR_put_error);
/*** EVP ***/
@@ -397,6 +400,7 @@ ACR_JNI_EXPORT(jboolean, Native, ldopens
CRYPTO_FPLOAD(X509_free);
CRYPTO_FPLOAD(X509_STORE_free);
CRYPTO_FPLOAD(X509_STORE_set_flags);
+ CRYPTO_FPLOAD(X509_STORE_load_locations);
CRYPTO_FPLOAD(d2i_X509_bio);
/*** _STACK ***/
CRYPTO_FPLOAD(sk_pop_free);
@@ -688,6 +692,11 @@ unsigned long ERR_peek_error(void)
return SSLAPI_CALL(ERR_peek_error)();
}
+unsigned long ERR_peek_last_error(void)
+{
+ return SSLAPI_CALL(ERR_peek_last_error)();
+}
+
void ERR_put_error(int lib, int func, int reason, const char *file, int line)
{
SSLAPI_CALL(ERR_put_error)(lib, func, reason, file, line);
@@ -981,6 +990,12 @@ int X509_STORE_set_flags(X509_STORE *ctx
return SSLAPI_CALL(X509_STORE_set_flags)(ctx, flags);
}
+int X509_STORE_load_locations (X509_STORE *ctx,
+ const char *file, const char *dir)
+{
+ return SSLAPI_CALL(X509_STORE_load_locations)(ctx, file, dir);
+}
+
void sk_pop_free(SSLAPI_STACK *st, void (*func)(void *))
{
SSLAPI_CALL(sk_pop_free)(st, func);
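Review bot: The new `X509_STORE_load_locations` wrapper has no comment stating its return contract, and its signature has a space before the parameter list that the neighbouring wrappers (`X509_STORE_set_flags(...)`) do not. An unnoticed failure here leaves the store without the intended CA set, so I would add `/* Returns 1 on success, 0 on failure; check the result before using the store for verification. */` above it and drop the stray space. No caller is visible in this commit, so how the result is consumed cannot be checked from here.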
Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c
URL:
http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c?rev=1172566&r1=1172565&r2=1172566&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c
(original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c Mon
Sep 19 10:59:08 2011
@@ -44,7 +44,17 @@ static X509 *load_cert(ssl_pass_cb_t *pa
else
password_callback->desc = file;
}
- if (format == SSL_CRT_FORMAT_PEM) {
+ if (format == SSL_CRT_FORMAT_UNDEF) {
+ cert = PEM_read_bio_X509_AUX(bio, 0,
+ ssl_password_callback,
+ password_callback);
+ if (cert == 0 && ERR_GET_REASON(ERR_peek_last_error()) ==
PEM_R_NO_START_LINE) {
+ ERR_clear_error();
+ BIO_ctrl(bio, BIO_CTRL_RESET, 0, 0);
+ cert = d2i_X509_bio(bio, 0);
+ }
+ }
+ else if (format == SSL_CRT_FORMAT_PEM) {
cert = PEM_read_bio_X509_AUX(bio, 0,
ssl_password_callback,
password_callback);
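Review bot: The result of `BIO_ctrl(bio, BIO_CTRL_RESET, 0, 0)` in the new UNDEF branch is ignored, so if the BIO cannot be rewound, `d2i_X509_bio` starts wherever the PEM reader stopped and fails with a misleading ASN.1 error. The BIO is created outside this hunk, so its type is not visible. The success value of a reset differs by BIO type (file BIOs return 0 on success, most others 1), so the check has to match the type load_cert actually uses. The same unchecked reset appears in the UNDEF branch of load_key in key.c. A short comment such as `/* not PEM: rewind and retry as DER */` above the fallback would also make the intent explicit.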
@@ -56,6 +66,9 @@ static X509 *load_cert(ssl_pass_cb_t *pa
if (!ssl_load_pkcs12(bio, 0, 0, &cert, 0))
cert = 0;
}
+ else {
+ /* TODO: Setup unsupported error */
+ }
BIO_free(bio);
return cert;
}
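Review bot: The new `else` branch for an unrecognised format holds only a TODO, so load_cert returns whatever `cert` currently holds and leaves nothing on the OpenSSL error queue to explain the failure. The declaration of `cert` is outside this hunk; if it is not initialised to 0 there, this path returns an indeterminate pointer. I would write `cert = 0;` in the branch and record an error through the `ERR_put_error` wrapper that api.c already provides. The identical branch added to load_key in key.c needs the same treatment for `key`.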
Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/key.c
URL:
http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/key.c?rev=1172566&r1=1172565&r2=1172566&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/key.c
(original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/key.c Mon Sep
19 10:59:08 2011
@@ -44,7 +44,17 @@ static EVP_PKEY *load_key(ssl_pass_cb_t
else
password_callback->desc = file;
}
- if (format == SSL_KEY_FORMAT_ASN1) {
+ if (format == SSL_KEY_FORMAT_UNDEF) {
+ key = PEM_read_bio_PrivateKey(bio, 0,
+ ssl_password_callback,
+ password_callback);
+ if (key == 0) {
+ ERR_clear_error();
+ BIO_ctrl(bio, BIO_CTRL_RESET, 0, 0);
+ key = d2i_PrivateKey_bio(bio, 0);
+ }
+ }
+ else if (format == SSL_KEY_FORMAT_ASN1) {
key = d2i_PrivateKey_bio(bio, 0);
}
else if (format == SSL_KEY_FORMAT_PEM) {
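Review bot: The DER fallback in the UNDEF branch runs on any PEM failure (`if (key == 0)`), unlike the matching branch in cert.c, which retries only when the reason is `PEM_R_NO_START_LINE`. A PEM key that fails for another reason, such as a wrong passphrase or a corrupt body, has its error wiped by `ERR_clear_error()` and is then reparsed as DER, so the caller sees an ASN.1 failure instead of the real cause. I would use the same guard as cert.c: `if (key == 0 && ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE) {`. load_key's body begins before this hunk and continues after it.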
@@ -57,6 +67,9 @@ static EVP_PKEY *load_key(ssl_pass_cb_t
&key, 0, 0))
key = 0;
}
+ else {
+ /* TODO: Setup unsupported error */
+ }
BIO_free(bio);
return key;
}