summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexey Melnikov <alexey.melnikov@isode.com>2012-03-07 19:16:54 (GMT)
committerKevin Smith <git@kismith.co.uk>2012-03-08 15:18:38 (GMT)
commit0833f7da453db9cd0fc3a78c793e7532663ab86b (patch)
tree0f0dab24760aa0ad5a77a3f5a4b3a25af3420a2a /Swiften/TLS/Schannel
parent2ba2c34e59c4ec5da9254b6c6f4669e0ee3c3225 (diff)
downloadswift-contrib-0833f7da453db9cd0fc3a78c793e7532663ab86b.zip
swift-contrib-0833f7da453db9cd0fc3a78c793e7532663ab86b.tar.bz2
Fixed several bugs in CAPI/Schannel code on Windows
This patch includes the following fixes: 1) Correctly hex encode SHA1 hashes when generating certstore: URIs 2) Use the newly parsed certificate store reference, not the old value 3) Need to call findCertificateInStore() when finding the selected TLS certificate in Schannel code. Without that "sha1:XXXX" URIs don't work Also minor optimization of string operations. License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
Diffstat (limited to 'Swiften/TLS/Schannel')
-rw-r--r--Swiften/TLS/Schannel/SchannelContext.cpp11
1 files changed, 1 insertions, 10 deletions
diff --git a/Swiften/TLS/Schannel/SchannelContext.cpp b/Swiften/TLS/Schannel/SchannelContext.cpp
index ddbebcb..b2fea65 100644
--- a/Swiften/TLS/Schannel/SchannelContext.cpp
+++ b/Swiften/TLS/Schannel/SchannelContext.cpp
@@ -69,15 +69,7 @@ void SchannelContext::connect()
}
}
- // Find client certificate. Note that this sample just searches for a
- // certificate that contains the user name somewhere in the subject name.
- pCertContext = CertFindCertificateInStore( m_my_cert_store,
- X509_ASN_ENCODING,
- 0, // dwFindFlags
- CERT_FIND_SUBJECT_STR_A,
- m_cert_name.c_str(), // *pvFindPara
- NULL ); // pPrevCertContext
-
+ pCertContext = findCertificateInStore( m_my_cert_store, m_cert_name );
if (pCertContext == NULL)
{
///// printf("**** Error 0x%x returned by CertFindCertificateInStore\n", GetLastError());
@@ -94,7 +86,6 @@ void SchannelContext::connect()
/////SSL3?
sc.grbitEnabledProtocols = SP_PROT_SSL3_CLIENT | SP_PROT_TLS1_CLIENT | SP_PROT_TLS1_1_CLIENT | SP_PROT_TLS1_2_CLIENT;
-/////Check SCH_CRED_REVOCATION_CHECK_CHAIN
sc.dwFlags = SCH_CRED_AUTO_CRED_VALIDATION | SCH_CRED_REVOCATION_CHECK_CHAIN;
if (pCertContext)