Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/ssl_cert.c | 50 | 
1 files changed, 20 insertions, 30 deletions
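--- a/src/lib/libssl/ssl_cert.c
+++ b/src/lib/libssl/ssl_cert.c
@@ -118,6 +118,7 @@
 
 #include <stdio.h>
 #include <unistd.h>
+#include <dirent.h>
 
 #include <openssl/opensslconf.h>
 #include <openssl/e_os2.h>
@@ -798,42 +799,31 @@ int
 SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
 const char *dir)
 {
-OPENSSL_DIR_CTX *d = NULL;
-const char *filename;
+DIR *dirp = NULL;
+char *path = NULL;
 int ret = 0;
 
 CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
-
-/* Note that a side effect is that the CAs will be sorted by name */
-
-while ((filename = OPENSSL_DIR_read(&d, dir))) {
-char buf[1024];
-int r;
-
-if (strlen(dir) + strlen(filename) + 2 > sizeof buf) {
-SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, SSL_R_PATH_TOO_LONG);
-goto err;
+dirp = opendir(dir);
+if (dirp) {
+struct dirent * dp;
+while ((dp = readdir(dirp)) != NULL) {
+if (asprintf(&path, "%s/%s", dir, dp->d_name) != -1) {
+ret = SSL_add_file_cert_subjects_to_stack
+(stack,path);
+free(path);
+}
+if (!ret)
+break;
 }
-r = BIO_snprintf(buf, sizeof buf, "%s/%s", dir, filename);
-if (r <= 0 || r >= (int)sizeof(buf))
-goto err;
-if (!SSL_add_file_cert_subjects_to_stack(stack, buf))
-goto err;
+(void) closedir(dirp);
 }
-
-if (errno) {
-SYSerr(SYS_F_OPENDIR, errno);
-ERR_add_error_data(3, "OPENSSL_DIR_read(&ctx, '", dir, "')");
-SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
-goto err;
+if (!ret) {
+SYSerr(SYS_F_OPENDIR, errno);
+ERR_add_error_data(3, "opendir ('", dir, "')");
+SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,
+ERR_R_SYS_LIB);
 }
-
-ret = 1;
-
-err:
-if (d)
-OPENSSL_DIR_end(&d);
 CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
 return ret;
 }
-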
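Review bot: In the new body of `SSL_add_dir_cert_subjects_to_stack`, `ret` is the only failure signal, so the closing `if (!ret)` block records an `opendir` error, with whatever `errno` is left after `free()` and `closedir()`, even when the failure was a per-file error from `SSL_add_file_cert_subjects_to_stack` or a failed `asprintf`. Two failures are not reported at all: an `asprintf` failure after an earlier success leaves `ret` at 1 and skips that entry, and a `readdir()` error ends the loop exactly like end-of-directory, so the function can return success with an incomplete stack of CA subject names. Because `ret` now starts at 0 and the removed `ret = 1;` is gone, a directory that yields no entries would also fall into the error path, which looks like a behaviour change from the old loop. I would report the `opendir` failure in its own branch, set `ret = 1` once the directory is open, clear `errno` before each `readdir()` call and check it when NULL comes back, and fail with `ERR_R_MALLOC_FAILURE` when `asprintf` returns -1, as sketched below; reusing `SYS_F_OPENDIR` for the readdir case follows what the removed code did.

```c
	/* … unchanged: declarations, CRYPTO_w_lock … */
	dirp = opendir(dir);
	if (dirp == NULL) {
		/* the only branch that really is an opendir() failure */
		SYSerr(SYS_F_OPENDIR, errno);
		ERR_add_error_data(3, "opendir ('", dir, "')");
		SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
	} else {
		struct dirent *dp;

		ret = 1;
		for (;;) {
			errno = 0;	/* NULL means end-of-directory or error */
			if ((dp = readdir(dirp)) == NULL) {
				if (errno != 0) {
					SYSerr(SYS_F_OPENDIR, errno);
					ERR_add_error_data(3, "readdir ('", dir, "')");
					SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,
					    ERR_R_SYS_LIB);
					ret = 0;
				}
				break;
			}
			if (asprintf(&path, "%s/%s", dir, dp->d_name) == -1) {
				SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,
				    ERR_R_MALLOC_FAILURE);
				ret = 0;
				break;
			}
			ret = SSL_add_file_cert_subjects_to_stack(stack, path);
			free(path);
			if (!ret)
				break;
		}
		(void) closedir(dirp);
	}
	/* … unchanged: CRYPTO_w_unlock, return ret … */
```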
