
Commit f58121e

authored
Merge pull request #10 from perl-net-saml2/issue7
Fixes #7 - No need to init the lookup if it's not being used
2 parents e548214 + 58bc456 commit f58121e


2 files changed

+25
-38
lines changed

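--- a/Verify.pm
+++ b/Verify.pm
@@ -165,14 +165,6 @@ Constructor. Returns an OpenSSL Verify instance, set up with the given CA.
 # Using the defaults of your OS:
 my $ca = Crypt::OpenSSL::Verify->new();
 
-=head2 new_from_x509($catext)
-
-Constructor. Returns an OpenSSL Verify instance, set up with the given CA.
-
-Arguments:
-
-* $ca - Crypt::OpenSSL::X509->new_from_string(base64 certificate string)
-
 =head2 verify($cert)
 
 Verify the certificate is signed by the CA. Returns true if so, and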

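--- a/Verify.xs
+++ b/Verify.xs
@@ -276,6 +276,8 @@ SV * new(class, ...)
 if (ST(1) != NULL)
 // TODO: ensure_string_sv
 CAfile = ST(1);
+if (strlen(SvPV_nolen(CAfile)) == 0)
+CAfile = NULL;
 
 if (items > 2)
 options = ensure_hv(ST(2), "options");
@@ -318,46 +320,39 @@ SV * new(class, ...)
 if (!strict_certs)
 X509_STORE_set_verify_cb_func(x509_store, cb1);
 
-if (noCAfile) {
-X509_LOOKUP_init(cafile_lookup);
-}
-else {
+if (CAfile != NULL || !noCAfile) {
 cafile_lookup = X509_STORE_add_lookup(x509_store, X509_LOOKUP_file());
-}
-
-if (cafile_lookup == NULL) {
-X509_STORE_free(x509_store);
-croak("failure to add lookup to store: %s", ssl_error());
-}
-
-if (CAfile != NULL) {
-if (!X509_STORE_load_locations(x509_store, SvPV_nolen(CAfile), NULL)) {
+if (cafile_lookup == NULL) {
 X509_STORE_free(x509_store);
-croak("Error loading file %s: %s\n", SvPV_nolen(CAfile),
-ssl_error());
+croak("failure to add lookup to store: %s", ssl_error());
+}
+if (CAfile != NULL) {
+if (!X509_LOOKUP_load_file(cafile_lookup, SvPV_nolen(CAfile), X509_FILETYPE_PEM)) {
+X509_STORE_free(x509_store);
+croak("Error loading file %s: %s\n", SvPV_nolen(CAfile),
+ssl_error());
+}
+} else {
+X509_LOOKUP_load_file(cafile_lookup, NULL, X509_FILETYPE_DEFAULT);
 }
 }
 
-if (noCApath) {
-X509_LOOKUP_init(cadir_lookup);
-}
-else {
+if (CApath != NULL || !noCApath) {
 cadir_lookup = X509_STORE_add_lookup(x509_store, X509_LOOKUP_hash_dir());
-}
-
-if (cadir_lookup == NULL) {
-X509_STORE_free(x509_store);
-croak("failure to add lookup to store: %s", ssl_error());
-}
-
-if (CApath != NULL) {
-if (!X509_LOOKUP_add_dir(cadir_lookup, SvPV_nolen(CApath), X509_FILETYPE_PEM)) {
+if (cadir_lookup == NULL) {
 X509_STORE_free(x509_store);
-croak("Error loading directory %s\n", SvPV_nolen(CApath));
+croak("failure to add lookup to store: %s", ssl_error());
+}
+if (CApath != NULL) {
+if (!X509_LOOKUP_add_dir(cadir_lookup, SvPV_nolen(CApath), X509_FILETYPE_PEM)) {
+X509_STORE_free(x509_store);
+croak("Error loading directory %s\n", SvPV_nolen(CApath));
+}
+} else {
+X509_LOOKUP_add_dir(cadir_lookup, NULL, X509_FILETYPE_DEFAULT);
 }
 }
 
-
 HV * attributes = newHV();
 
 SV *const self = newRV_noinc( (SV *)attributes );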
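Review bot: The two new `else` branches discard the return values of `X509_LOOKUP_load_file(cafile_lookup, NULL, X509_FILETYPE_DEFAULT)` and `X509_LOOKUP_add_dir(cadir_lookup, NULL, X509_FILETYPE_DEFAULT)`, so a missing or unreadable system trust store leaves the X509_STORE without anchors and nothing reports it. That presumably fails closed at verify time, but `cb1` is installed whenever `strict_certs` is off and its body is not visible here, so it is worth confirming that the callback cannot turn an empty store into a successful verification. A failed default load probably also leaves entries on the OpenSSL error queue, which a later `ssl_error()` call could report against an unrelated failure. I would state the intent with a comment such as `/* default locations are best-effort; an empty store must make verify() fail */` and follow each call with `ERR_clear_error();`. The body of new() starts and ends outside these hunks.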
