Skip to content

Commit 663e21b

Browse files
timleggetimlegge
committed
Fixes #7 - Revert the changes to CAPath and CAFile, make it closer to openSSL verify
1 parent e548214 commit 663e21b

File tree

1 file changed

+23
-30
lines changed

1 file changed

+23
-30
lines changed

Verify.xs

Lines changed: 23 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -318,46 +318,39 @@ SV * new(class, ...)
318318
if (!strict_certs)
319319
X509_STORE_set_verify_cb_func(x509_store, cb1);
320320

321-
if (noCAfile) {
322-
X509_LOOKUP_init(cafile_lookup);
323-
}
324-
else {
321+
if (CAfile != NULL || !noCAfile) {
325322
cafile_lookup = X509_STORE_add_lookup(x509_store, X509_LOOKUP_file());
326-
}
327-
328-
if (cafile_lookup == NULL) {
329-
X509_STORE_free(x509_store);
330-
croak("failure to add lookup to store: %s", ssl_error());
331-
}
332-
333-
if (CAfile != NULL) {
334-
if (!X509_STORE_load_locations(x509_store, SvPV_nolen(CAfile), NULL)) {
323+
if (cafile_lookup == NULL) {
335324
X509_STORE_free(x509_store);
336-
croak("Error loading file %s: %s\n", SvPV_nolen(CAfile),
337-
ssl_error());
325+
croak("failure to add lookup to store: %s", ssl_error());
326+
}
327+
if (CAfile != NULL) {
328+
if (!X509_LOOKUP_load_file(cafile_lookup, SvPV_nolen(CAfile), X509_FILETYPE_PEM)) {
329+
X509_STORE_free(x509_store);
330+
croak("Error loading file %s: %s\n", SvPV_nolen(CAfile),
331+
ssl_error());
332+
}
333+
} else {
334+
X509_LOOKUP_load_file(cafile_lookup, NULL, X509_FILETYPE_DEFAULT);
338335
}
339336
}
340337

341-
if (noCApath) {
342-
X509_LOOKUP_init(cadir_lookup);
343-
}
344-
else {
338+
if (CApath != NULL || !noCApath) {
345339
cadir_lookup = X509_STORE_add_lookup(x509_store, X509_LOOKUP_hash_dir());
346-
}
347-
348-
if (cadir_lookup == NULL) {
349-
X509_STORE_free(x509_store);
350-
croak("failure to add lookup to store: %s", ssl_error());
351-
}
352-
353-
if (CApath != NULL) {
354-
if (!X509_LOOKUP_add_dir(cadir_lookup, SvPV_nolen(CApath), X509_FILETYPE_PEM)) {
340+
if (cadir_lookup == NULL) {
355341
X509_STORE_free(x509_store);
356-
croak("Error loading directory %s\n", SvPV_nolen(CApath));
342+
croak("failure to add lookup to store: %s", ssl_error());
343+
}
344+
if (CApath != NULL) {
345+
if (!X509_LOOKUP_add_dir(cadir_lookup, SvPV_nolen(CApath), X509_FILETYPE_PEM)) {
346+
X509_STORE_free(x509_store);
347+
croak("Error loading directory %s\n", SvPV_nolen(CApath));
348+
}
349+
} else {
350+
X509_LOOKUP_add_dir(cadir_lookup, NULL, X509_FILETYPE_DEFAULT);
357351
}
358352
}
359353

360-
361354
HV * attributes = newHV();
362355

363356
SV *const self = newRV_noinc( (SV *)attributes );

0 commit comments

Comments
 (0)