From c00359131533c5c5a4bba0a84812b490a7bed84b Mon Sep 17 00:00:00 2001
From: Marcel Poul
Date: Sun, 26 Feb 2012 00:34:07 +0000
Subject: [PATCH] set CA directory an CRL directory to context
---
 emi.canl.canl-c/src/canl_locl.h | 6 +++--
 emi.canl.canl-c/src/canl_ssl.c | 58 ++++++++++++++++++++++++++++++++++++++---
 2 files changed, 58 insertions(+), 6 deletions(-)
diff --git a/emi.canl.canl-c/src/canl_locl.h b/emi.canl.canl-c/src/canl_locl.h
index f569255..eb081f2 100644
--- a/emi.canl.canl-c/src/canl_locl.h
+++ b/emi.canl.canl-c/src/canl_locl.h
@@ -90,6 +90,8 @@ typedef struct _mech_glb_ctx
 {
 void *mech_ctx; //like SSL_CTX *
 unsigned int flags;
+ char *ca_dir;
+ char *crl_dir;
 } mech_glb_ctx;
 typedef struct canl_mech {
@@ -103,10 +105,10 @@ typedef struct canl_mech {
 (glb_ctx *cc, unsigned int *mech_flags, unsigned int flags);
 canl_err_code (*set_ca_dir)
- (glb_ctx *, const char *);
+ (glb_ctx *, mech_glb_ctx *, const char *);
 canl_err_code (*set_crl_dir)
- (glb_ctx *, const char *);
+ (glb_ctx *, mech_glb_ctx *, const char *);
 canl_err_code (*finish)
 (glb_ctx *, void *);
diff --git a/emi.canl.canl-c/src/canl_ssl.c b/emi.canl.canl-c/src/canl_ssl.c
index 68cd831..52c5dcd 100644
--- a/emi.canl.canl-c/src/canl_ssl.c
+++ b/emi.canl.canl-c/src/canl_ssl.c
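Review bot: In canl_locl.h the new `ca_dir` and `crl_dir` members of `mech_glb_ctx` have no comment on ownership or scope, and both matter because these paths decide which CAs and CRLs are trusted. The setter added in canl_ssl.c stores a malloc'd copy, and no release of these members is visible in this patch (ssl_finish lies outside the hunks, so this may already be handled). I would document them, e.g. `char *ca_dir; /* owned copy of the CA directory path; appears to be shared by all contexts of this mechanism */` and the same for `crl_dir`, and confirm that the teardown path frees both.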
@@ -86,14 +86,39 @@ ssl_set_flags(glb_ctx *cc, unsigned int *mech_flags, unsigned int flags)
 }
 static canl_err_code
-ssl_set_ca_dir(glb_ctx *cc, const char *ca_dir)
+ssl_set_dir(glb_ctx *cc, char **target, const char *ca_dir)
 {
- return ENOSYS;
+ int fn_len = 0;
+ if (cc == NULL)
+ return EINVAL;
+
+ if (ca_dir == NULL)
+ return set_error(cc, EINVAL, POSIX_ERROR, "CA dir. name NULL");
+
+ if (target && *target){
+ free (*target);
+ *target = NULL;
+ }
+ fn_len = strlen(ca_dir);
+ *target = (char *) malloc ((fn_len + 1) * sizeof (char));
+ if (!(*target)) {
+ return set_error(cc, ENOMEM, POSIX_ERROR, NULL);
+ }
+ strncpy (*target, ca_dir, fn_len + 1);
+
+ return 0;
 }
+
 static canl_err_code
-ssl_set_crl_dir(glb_ctx *cc, const char *crl_dir)
+ssl_set_crl_dir(glb_ctx *cc, mech_glb_ctx *m_ctx, const char *crl_dir)
 {
- return ENOSYS;
+ return ssl_set_dir(cc, &m_ctx->crl_dir, crl_dir);
+}
+
+static canl_err_code
+ssl_set_ca_dir(glb_ctx *cc, mech_glb_ctx *m_ctx, const char *ca_dir)
+{
+ return ssl_set_dir(cc, &m_ctx->ca_dir, ca_dir);
 }
 static canl_err_code
@@ -840,6 +865,7 @@ ssl_finish(glb_ctx *cc, void *ctx)
 return 0;
 }
+/*maybe move to better file*/
 canl_err_code
 canl_ctx_set_ssl_cred(canl_ctx cc, char *cert, char *key,
 canl_password_callback cb, void *userdata)
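Review bot: ssl_set_dir tests `target` for NULL before the free but then writes `*target` unconditionally, and it frees the old value before the new copy exists. A failed malloc therefore leaves the context with no CA or CRL directory at all, and a caller that passes the currently stored string back in would have it read by strlen() after it was freed. The wrappers also form `&m_ctx->crl_dir` and `&m_ctx->ca_dir` without checking `m_ctx`, and the "CA dir. name NULL" message is reported for the CRL path as well. I would build the copy first and swap it in only on success, using `size_t` for the length, as sketched below; the whole function lies inside this hunk.

```c
static canl_err_code
ssl_set_dir(glb_ctx *cc, char **target, const char *ca_dir)
{
    char *copy;
    size_t len;

    if (cc == NULL)
        return EINVAL;
    if (target == NULL || ca_dir == NULL)
        return set_error(cc, EINVAL, POSIX_ERROR, "Directory name NULL");

    /* Copy before releasing the old value: an allocation failure keeps
       the previous setting, and ca_dir may alias *target safely. */
    len = strlen(ca_dir) + 1;
    copy = malloc(len);
    if (copy == NULL)
        return set_error(cc, ENOMEM, POSIX_ERROR, NULL);
    memcpy(copy, ca_dir, len);

    free(*target);
    *target = copy;
    return 0;
}
```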
@@ -861,6 +887,30 @@ canl_ctx_set_ssl_cred(canl_ctx cc, char *cert, char *key,
 return err;
 }
+canl_err_code
+canl_ctx_set_crl_dir(canl_ctx cc, const char *dir)
+{
+ glb_ctx *glb_cc = (glb_ctx*) cc;
+ struct canl_mech *mech = find_mech(GSS_C_NO_OID); //TODO for now
+
+ if (!cc)
+ return EINVAL;
+
+ return mech->set_crl_dir(glb_cc, mech->glb_ctx, dir);
+}
+
+canl_err_code
+canl_ctx_set_ca_dir(canl_ctx cc, const char *dir)
+{
+ glb_ctx *glb_cc = (glb_ctx*) cc;
+ struct canl_mech *mech = find_mech(GSS_C_NO_OID); //TODO for now
+
+ if (!cc)
+ return EINVAL;
+
+ return mech->set_ca_dir(glb_cc, mech->glb_ctx, dir);
+}
+
 static canl_err_code
 ssl_get_peer(glb_ctx *cc, io_handler *io, void *auth_ctx, canl_principal *peer)
 {
--
1.8.2.3
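Review bot: Both new setters dereference the result of `find_mech(GSS_C_NO_OID)` without a check, so a NULL `mech` or a NULL `set_crl_dir`/`set_ca_dir` pointer would crash before any error is recorded. find_mech is not visible in this patch, so whether it can return NULL is an assumption to confirm. A guard after the `cc` check would cover it, e.g. `if (!mech || !mech->set_ca_dir) return set_error(glb_cc, ENOSYS, POSIX_ERROR, "Mechanism does not support CA directory");`, with the matching line in canl_ctx_set_crl_dir. The functions also take a `canl_ctx` but store the path through `mech->glb_ctx`, so the setting appears to apply to every context using that mechanism. A short comment on each function saying so would keep callers from assuming per-context trust settings.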