Diffstat (limited to 'src/daemon/https/tls/auth_cert.c')
-rw-r--r--src/daemon/https/tls/auth_cert.c40
1 files changed, 23 insertions, 17 deletions
diff --git a/src/daemon/https/tls/auth_cert.c b/src/daemon/https/tls/auth_cert.c
index 6f34a120..d0191f24 100644
--- a/src/daemon/https/tls/auth_cert.c
+++ b/src/daemon/https/tls/auth_cert.c
@@ -45,9 +45,10 @@
45#include <gnutls_x509.h> 45#include <gnutls_x509.h>
46#include "debug.h" 46#include "debug.h"
47 47
48static MHD_gnutls_cert *alloc_and_load_x509_certs (MHD_gnutls_x509_crt_t * certs, 48static MHD_gnutls_cert *alloc_and_load_x509_certs (MHD_gnutls_x509_crt_t *
49 unsigned); 49 certs, unsigned);
50static MHD_gnutls_privkey *alloc_and_load_x509_key (MHD_gnutls_x509_privkey_t key); 50static MHD_gnutls_privkey *alloc_and_load_x509_key (MHD_gnutls_x509_privkey_t
51 key);
51 52
52 53
53/* Copies data from a internal certificate struct (MHD_gnutls_cert) to 54/* Copies data from a internal certificate struct (MHD_gnutls_cert) to
@@ -55,7 +56,7 @@ static MHD_gnutls_privkey *alloc_and_load_x509_key (MHD_gnutls_x509_privkey_t ke
55 */ 56 */
56static int 57static int
57MHD__gnutls_copy_certificate_auth_info (cert_auth_info_t info, 58MHD__gnutls_copy_certificate_auth_info (cert_auth_info_t info,
58 MHD_gnutls_cert * cert, int ncerts) 59 MHD_gnutls_cert * cert, int ncerts)
59{ 60{
60 /* Copy peer's information to auth_info_t 61 /* Copy peer's information to auth_info_t
61 */ 62 */
@@ -82,7 +83,7 @@ MHD__gnutls_copy_certificate_auth_info (cert_auth_info_t info,
82 { 83 {
83 ret = 84 ret =
84 MHD__gnutls_set_datum (&info->raw_certificate_list[i], 85 MHD__gnutls_set_datum (&info->raw_certificate_list[i],
85 cert[i].raw.data, cert[i].raw.size); 86 cert[i].raw.data, cert[i].raw.size);
86 if (ret < 0) 87 if (ret < 0)
87 { 88 {
88 MHD_gnutls_assert (); 89 MHD_gnutls_assert ();
@@ -113,9 +114,9 @@ clear:
113 */ 114 */
114inline static int 115inline static int
115MHD__gnutls_check_pk_algo_in_list (const enum MHD_GNUTLS_PublicKeyAlgorithm 116MHD__gnutls_check_pk_algo_in_list (const enum MHD_GNUTLS_PublicKeyAlgorithm
116 *pk_algos, int pk_algos_length, 117 *pk_algos, int pk_algos_length,
117 enum MHD_GNUTLS_PublicKeyAlgorithm 118 enum MHD_GNUTLS_PublicKeyAlgorithm
118 algo_to_check) 119 algo_to_check)
119{ 120{
120 int i; 121 int i;
121 for (i = 0; i < pk_algos_length; i++) 122 for (i = 0; i < pk_algos_length; i++)
@@ -133,7 +134,8 @@ MHD__gnutls_check_pk_algo_in_list (const enum MHD_GNUTLS_PublicKeyAlgorithm
133 * specified in cert. 134 * specified in cert.
134 */ 135 */
135static int 136static int
136MHD__gnutls_cert_get_issuer_dn (MHD_gnutls_cert * cert, MHD_gnutls_datum_t * odn) 137MHD__gnutls_cert_get_issuer_dn (MHD_gnutls_cert * cert,
138 MHD_gnutls_datum_t * odn)
137{ 139{
138 ASN1_TYPE dn; 140 ASN1_TYPE dn;
139 int len, result; 141 int len, result;
@@ -155,8 +157,9 @@ MHD__gnutls_cert_get_issuer_dn (MHD_gnutls_cert * cert, MHD_gnutls_datum_t * odn
155 return MHD_gtls_asn2err (result); 157 return MHD_gtls_asn2err (result);
156 } 158 }
157 159
158 result = MHD__asn1_der_decoding_startEnd (dn, cert->raw.data, cert->raw.size, 160 result =
159 "tbsCertificate.issuer", &start, &end); 161 MHD__asn1_der_decoding_startEnd (dn, cert->raw.data, cert->raw.size,
162 "tbsCertificate.issuer", &start, &end);
160 163
161 if (result != ASN1_SUCCESS) 164 if (result != ASN1_SUCCESS)
162 { 165 {
@@ -211,7 +214,7 @@ _find_x509_cert (const MHD_gtls_cert_credentials_t cred,
211 { 214 {
212 if ((result = 215 if ((result =
213 MHD__gnutls_cert_get_issuer_dn (&cred->cert_list[i][j], 216 MHD__gnutls_cert_get_issuer_dn (&cred->cert_list[i][j],
214 &odn)) < 0) 217 &odn)) < 0)
215 { 218 {
216 MHD_gnutls_assert (); 219 MHD_gnutls_assert ();
217 return result; 220 return result;
@@ -483,7 +486,8 @@ _select_client_cert (MHD_gtls_session_t session,
483 if (issuers_dn_length > 0) 486 if (issuers_dn_length > 0)
484 { 487 {
485 issuers_dn = 488 issuers_dn =
486 MHD_gnutls_malloc (sizeof (MHD_gnutls_datum_t) * issuers_dn_length); 489 MHD_gnutls_malloc (sizeof (MHD_gnutls_datum_t) *
490 issuers_dn_length);
487 if (issuers_dn == NULL) 491 if (issuers_dn == NULL)
488 { 492 {
489 MHD_gnutls_assert (); 493 MHD_gnutls_assert ();
@@ -712,7 +716,8 @@ MHD_gtls_proc_x509_server_certificate (MHD_gtls_session_t session,
712 */ 716 */
713 717
714 peer_certificate_list = 718 peer_certificate_list =
715 MHD_gnutls_malloc (sizeof (MHD_gnutls_cert) * (peer_certificate_list_size)); 719 MHD_gnutls_malloc (sizeof (MHD_gnutls_cert) *
720 (peer_certificate_list_size));
716 721
717 if (peer_certificate_list == NULL) 722 if (peer_certificate_list == NULL)
718 { 723 {
@@ -752,8 +757,9 @@ MHD_gtls_proc_x509_server_certificate (MHD_gtls_session_t session,
752 757
753 if ((ret = 758 if ((ret =
754 MHD__gnutls_copy_certificate_auth_info (info, 759 MHD__gnutls_copy_certificate_auth_info (info,
755 peer_certificate_list, 760 peer_certificate_list,
756 peer_certificate_list_size)) < 0) 761 peer_certificate_list_size)) <
762 0)
757 { 763 {
758 MHD_gnutls_assert (); 764 MHD_gnutls_assert ();
759 goto cleanup; 765 goto cleanup;
@@ -761,7 +767,7 @@ MHD_gtls_proc_x509_server_certificate (MHD_gtls_session_t session,
761 767
762 if ((ret = 768 if ((ret =
763 MHD__gnutls_check_key_usage (&peer_certificate_list[0], 769 MHD__gnutls_check_key_usage (&peer_certificate_list[0],
764 MHD_gnutls_kx_get (session))) < 0) 770 MHD_gnutls_kx_get (session))) < 0)
765 { 771 {
766 MHD_gnutls_assert (); 772 MHD_gnutls_assert ();
767 goto cleanup; 773 goto cleanup;