Swiftdiff options
| author | Kevin Smith <git@kismith.co.uk> | 2012-02-22 13:31:39 (GMT) |
|---|---|---|
| committer | Kevin Smith <git@kismith.co.uk> | 2012-02-22 14:16:18 (GMT) |
| commit | fa705718be1f98185557a09cf155ed66cbc740e2 (patch) | |
| tree | b73c65981c6e879df40c40c4b5436a4d4386e5a4 /Swiften/TLS/OpenSSL | |
| parent | 110eb87e848b85dd74a6f19413c775520a75ea35 (diff) | |
| download | swift-contrib-fa705718be1f98185557a09cf155ed66cbc740e2.zip swift-contrib-fa705718be1f98185557a09cf155ed66cbc740e2.tar.bz2 | |
Fix up for previous CAPI patch
Now connects successfully with or without TLS(with cert)
Diffstat (limited to 'Swiften/TLS/OpenSSL')
| -rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLContext.cpp | 11 | ||||
| -rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLContext.h | 2 |
2 files changed, 5 insertions, 8 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp index dd3462f..8076967 100644 --- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp +++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp @@ -180,40 +180,37 @@ void OpenSSLContext::sendPendingDataToApplication() { ret = SSL_read(handle_, vecptr(data), data.size()); } if (ret < 0 && SSL_get_error(handle_, ret) != SSL_ERROR_WANT_READ) { state_ = Error; onError(); } } bool OpenSSLContext::setClientCertificate(CertificateWithKey * certificate) { - if (!certificate || certificate->isNull()) { - return false; - } - - if (!certificate->isPrivateKeyExportable()) { + boost::shared_ptr<PKCS12Certificate> pkcs12Certificate = boost::dynamic_pointer_cast<PKCS12Certificate>(certificate); + if (!pkcs12Certificate || pkcs12Certificate->isNull()) { return false; } // Create a PKCS12 structure BIO* bio = BIO_new(BIO_s_mem()); - BIO_write(bio, vecptr(certificate->getData()), certificate->getData().size()); + BIO_write(bio, vecptr(certificate->getData()), pkcs12Certificate->getData().size()); boost::shared_ptr<PKCS12> pkcs12(d2i_PKCS12_bio(bio, NULL), PKCS12_free); BIO_free(bio); if (!pkcs12) { return false; } // Parse PKCS12 X509 *certPtr = 0; EVP_PKEY* privateKeyPtr = 0; STACK_OF(X509)* caCertsPtr = 0; - int result = PKCS12_parse(pkcs12.get(), reinterpret_cast<const char*>(vecptr(certificate->getPassword())), &privateKeyPtr, &certPtr, &caCertsPtr); + int result = PKCS12_parse(pkcs12.get(), reinterpret_cast<const char*>(vecptr(pkcs12Certificate->getPassword())), &privateKeyPtr, &certPtr, &caCertsPtr); if (result != 1) { return false; } boost::shared_ptr<X509> cert(certPtr, X509_free); boost::shared_ptr<EVP_PKEY> privateKey(privateKeyPtr, EVP_PKEY_free); boost::shared_ptr<STACK_OF(X509)> caCerts(caCertsPtr, freeX509Stack); // Use the key & certificates if (SSL_CTX_use_certificate(context_, cert.get()) != 1) { diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.h b/Swiften/TLS/OpenSSL/OpenSSLContext.h index b53e715..e98fb49 100644 --- a/Swiften/TLS/OpenSSL/OpenSSLContext.h +++ b/Swiften/TLS/OpenSSL/OpenSSLContext.h @@ -16,19 +16,19 @@ namespace Swift { class CertificateWithKey; class OpenSSLContext : public TLSContext, boost::noncopyable { public: OpenSSLContext(); ~OpenSSLContext(); void connect(); - bool setClientCertificate(CertificateWithKey * cert); + bool setClientCertificate(CertificateWithKey::ref cert); void handleDataFromNetwork(const SafeByteArray&); void handleDataFromApplication(const SafeByteArray&); Certificate::ref getPeerCertificate() const; boost::shared_ptr<CertificateVerificationError> getPeerCertificateVerificationError() const; virtual ByteArray getFinishMessage() const; |