Diffstat (limited to 'src/lib/libssl/ssl_rsa.c')
-rw-r--r--src/lib/libssl/ssl_rsa.c64
1 files changed, 48 insertions, 16 deletions
diff --git a/src/lib/libssl/ssl_rsa.c b/src/lib/libssl/ssl_rsa.c
index d4d14bad35..e8b72f016e 100644
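--- a/src/lib/libssl/ssl_rsa.c
+++ b/src/lib/libssl/ssl_rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_rsa.c,v 1.16 2014/07/12 16:03:37 miod Exp $ */
+/* $OpenBSD: ssl_rsa.c,v 1.17 2014/09/28 14:45:48 reyk Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -66,6 +66,8 @@
 
 static int ssl_set_cert(CERT *c, X509 *x509);
 static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
+static int ssl_ctx_use_certificate_chain_bio(SSL_CTX *, BIO *);
+
 int
 SSL_use_certificate(SSL *ssl, X509 *x)
 {
@@ -637,30 +639,18 @@ SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const unsigned char *d,
 
 
 /*
- * Read a file that contains our certificate in "PEM" format,
+ * Read a bio that contains our certificate in "PEM" format,
  * possibly followed by a sequence of CA certificates that should be
  * sent to the peer in the Certificate message.
  */
-int
-SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
+static int
+ssl_ctx_use_certificate_chain_bio(SSL_CTX *ctx, BIO *in)
 {
- BIO *in;
  int ret = 0;
  X509 *x = NULL;
 
  ERR_clear_error(); /* clear error stack for SSL_CTX_use_certificate() */
 
- in = BIO_new(BIO_s_file_internal());
- if (in == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in, file) <= 0) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_SYS_LIB);
- goto end;
- }
-
  x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback,
  ctx->default_passwd_callback_userdata);
  if (x == NULL) {
@@ -716,6 +706,48 @@ SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
 end:
  if (x != NULL)
  X509_free(x);
+ return (ret);
+}
+
+int
+SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
+{
+ BIO *in;
+ int ret = 0;
+
+ in = BIO_new(BIO_s_file_internal());
+ if (in == NULL) {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
+ goto end;
+ }
+
+ if (BIO_read_filename(in, file) <= 0) {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_SYS_LIB);
+ goto end;
+ }
+
+ ret = ssl_ctx_use_certificate_chain_bio(ctx, in);
+
+end:
+ BIO_free(in);
+ return (ret);
+}
+
+int
+SSL_CTX_use_certificate_chain(SSL_CTX *ctx, void *buf, int len)
+{
+ BIO *in;
+ int ret = 0;
+
+ in = BIO_new_mem_buf(buf, len);
+ if (in == NULL) {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
+ goto end;
+ }
+
+ ret = ssl_ctx_use_certificate_chain_bio(ctx, in);
+
+end:
  BIO_free(in);
  return (ret);
 }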
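Review bot: In the new `SSL_CTX_use_certificate_chain()` (new lines 736-753), `len` is passed to `BIO_new_mem_buf()` without a range check. That function documents -1 as "buf is NUL-terminated", and implementations of this vintage appear to treat any negative value that way by calling strlen() on the buffer. A caller that hands in a miscomputed negative length for an unterminated buffer would therefore read past its end; rejecting it before the BIO is created, e.g. `if (buf == NULL || len < 0)` followed by an SSLerr() and `return (0);`, or a comment stating that -1 means a C string, would close that gap. The allocation-failure path also reuses `SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE`, so the error stack will name the file variant when the memory variant failed. The body of `ssl_ctx_use_certificate_chain_bio()` lies mostly outside the visible hunks, so whether its own error codes have the same naming issue cannot be confirmed from here.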