From 38cd623d83d1c90e6dab8d27e0325eed994d63e2 Mon Sep 17 00:00:00 2001
From: Marcel Poul
Date: Sat, 25 Aug 2012 15:22:28 +0000
Subject: [PATCH] add canl_cred_load_priv_key() into caNl API
---
 emi.canl.canl-c/examples/canl_sample_client.c | 4 ++++
 emi.canl.canl-c/src/canl_cred.c | 23 ++++++++++++++++++++++-
 emi.canl.canl-c/src/canl_cred.h | 2 ++
 emi.canl.canl-c/src/canl_ssl.c | 2 --
 4 files changed, 28 insertions(+), 3 deletions(-)
diff --git a/emi.canl.canl-c/examples/canl_sample_client.c b/emi.canl.canl-c/examples/canl_sample_client.c
index 2afb0ff..60c1bbf 100644
--- a/emi.canl.canl-c/examples/canl_sample_client.c
+++ b/emi.canl.canl-c/examples/canl_sample_client.c
@@ -17,6 +17,7 @@ int main(int argc, char *argv[])
 int err = 0;
 char buf[BUF_LEN];
 int buf_len = 0;
+ char *ca_dir = NULL;
 char *p_server = NULL;
 char *def_server = "www.linuxfoundation.org";
 int opt, port = DEF_PORT;
@@ -51,6 +52,9 @@ int main(int argc, char *argv[])
 case 'x':
 proxy_cert = optarg;
 break;
+ case 'd':
+ ca_dir = optarg;
+ break;
 case 't':
 timeout.tv_sec = atoi(optarg);
 break;
diff --git a/emi.canl.canl-c/src/canl_cred.c b/emi.canl.canl-c/src/canl_cred.c
index 8a940f7..aba26f5 100644
--- a/emi.canl.canl-c/src/canl_cred.c
+++ b/emi.canl.canl-c/src/canl_cred.c
@@ -189,6 +189,27 @@ canl_cred_save_priv_key(canl_ctx ctx, canl_cred cred, EVP_PKEY **pkey)
 }
 canl_err_code CANL_CALLCONV
+canl_cred_load_priv_key(canl_ctx ctx, canl_cred cred, EVP_PKEY *pkey)
+{
+ glb_ctx *cc = (glb_ctx*) ctx;
+ creds *crd = (creds*) cred;
+ int ret = 0;
+
+ if (!ctx)
+ return EINVAL;
+
+ if (!cred)
+ return set_error(cc, EINVAL, POSIX_ERROR, "Cred. handler"
+ " not initialized" );
+ if (!pkey)
+ return set_error(cc, EINVAL, POSIX_ERROR, "Invalid private key"
+ " parameter");
+ pkey_dup(&crd->c_key, pkey);
+
+ return ret;
+}
+
+canl_err_code CANL_CALLCONV
 canl_cred_load_chain(canl_ctx ctx, canl_cred cred, STACK_OF(X509) *cert_stack)
 {
 glb_ctx *cc = (glb_ctx*) ctx;
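Review bot: `ca_dir` is declared in the first hunk of canl_sample_client.c and assigned in the new `case 'd':` branch of the second, but none of the four lines this commit adds to the file reads it, and none touches the getopt option string or the usage text. If `d` is not already in that option string the branch is unreachable; if it is, a user who passes `-d` expecting to restrict the trusted CA directory gets the default trust settings with no warning. Either apply `ca_dir` to the context in this commit or mark the gap where it is parsed, e.g. `/* TODO: ca_dir is parsed but not yet applied to the context */`. main() starts and ends outside both hunks.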
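Review bot: In the new canl_cred_load_priv_key() in canl_cred.c, the result of `pkey_dup(&crd->c_key, pkey);` is discarded and `ret` never changes from 0, so the function reports success even when the copy fails and the credential is left with no key or a stale one. If pkey_dup returns an error code (its definition is outside this hunk), propagate it: `ret = pkey_dup(&crd->c_key, pkey);` followed by `if (ret) return set_error(cc, ret, POSIX_ERROR, "Cannot copy the private key");`. It is also not visible here whether pkey_dup releases a key already held in `crd->c_key`; if it does not, a second call on the same credential leaks private key material, so the old key should be freed first. The prototype added to canl_cred.h would benefit from a comment stating that the key is copied and that the caller keeps ownership of `pkey`.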
@@ -379,7 +400,7 @@ canl_cred_sign_proxy(canl_ctx ctx, canl_cred signer_cred, canl_cred proxy_cred)
 (key_size <= DEF_KEY_LEN_LONGER))
 return set_error(cc, CANL_ERR_unknown, CANL_ERROR, "Cannot"
 "sign cert. request -the key is too short with "
- " respect to cert. lifetime");
+ "respect to cert. lifetime");
 }
 /*TODO flags - limited,version*/
diff --git a/emi.canl.canl-c/src/canl_cred.h b/emi.canl.canl-c/src/canl_cred.h
index 814d3f0..d94d604 100644
--- a/emi.canl.canl-c/src/canl_cred.h
+++ b/emi.canl.canl-c/src/canl_cred.h
@@ -41,6 +41,8 @@ canl_err_code CANL_CALLCONV
 canl_cred_load_priv_key_file(canl_ctx, canl_cred, const char *,
 canl_password_callback, void *);
 canl_err_code CANL_CALLCONV
+canl_cred_load_priv_key(canl_ctx, canl_cred, EVP_PKEY *);
+canl_err_code CANL_CALLCONV
 canl_cred_save_priv_key(canl_ctx, canl_cred, EVP_PKEY **);
 canl_err_code CANL_CALLCONV
diff --git a/emi.canl.canl-c/src/canl_ssl.c b/emi.canl.canl-c/src/canl_ssl.c
index 4f298ae..69a7158 100644
--- a/emi.canl.canl-c/src/canl_ssl.c
+++ b/emi.canl.canl-c/src/canl_ssl.c
@@ -580,7 +580,6 @@ static int do_ssl_connect(glb_ctx *cc, io_handler *io,
 time_t starttime, curtime;
 int ret = -1, ret2 = -1;
 unsigned long ssl_err = 0;
- canl_err_origin e_orig = UNKNOWN_ERROR;
 long errorcode = 0;
 int expected = 0;
 int locl_timeout = -1;
@@ -600,7 +599,6 @@ static int do_ssl_connect(glb_ctx *cc, io_handler *io,
 ret2 = SSL_connect(ssl);
 if (ret2 < 0) {
 ssl_err = ERR_get_error();
 - e_orig = SSL_ERROR;
 }
 expected = errorcode = SSL_get_error(ssl, ret2);
 }
--
1.8.2.3
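Review bot: The error message in the canl_cred.c hunk at canl_cred_sign_proxy() still reads "Cannotsign cert. request ..." after this spacing fix, because the adjacent literals `"Cannot"` and `"sign cert. request -the key is too short with "` on the context lines are concatenated with nothing between them. Change the first literal to `"Cannot "` in the same commit so the message operators see when a proxy request is refused for a short key is readable. The hunk shows only the tail of the `if` condition; the rest of the function is outside this view.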