示例#1
0
static int netconn_secure_verify( int preverify_ok, X509_STORE_CTX *ctx )
{
    SSL *ssl;
    WCHAR *server;
    BOOL ret = FALSE;
    netconn_t *conn;

    ssl = pX509_STORE_CTX_get_ex_data( ctx, pSSL_get_ex_data_X509_STORE_CTX_idx() );
    server = pSSL_get_ex_data( ssl, hostname_idx );
    conn = pSSL_get_ex_data( ssl, conn_idx );
    if (preverify_ok)
    {
        HCERTSTORE store = CertOpenStore( CERT_STORE_PROV_MEMORY, 0, 0,
         CERT_STORE_CREATE_NEW_FLAG, NULL );

        if (store)
        {
            X509 *cert;
            int i;
            PCCERT_CONTEXT endCert = NULL;

            ret = TRUE;
            for (i = 0; ret && i < psk_num((struct stack_st *)ctx->chain); i++)
            {
                PCCERT_CONTEXT context;

                cert = (X509 *)psk_value((struct stack_st *)ctx->chain, i);
                if ((context = X509_to_cert_context( cert )))
                {
                    if (i == 0)
                        ret = CertAddCertificateContextToStore( store, context,
                            CERT_STORE_ADD_ALWAYS, &endCert );
                    else
                        ret = CertAddCertificateContextToStore( store, context,
                            CERT_STORE_ADD_ALWAYS, NULL );
                    CertFreeCertificateContext( context );
                }
            }
            if (!endCert) ret = FALSE;
            if (ret)
            {
                DWORD_PTR err = netconn_verify_cert( endCert, store, server,
                                                     conn->security_flags );

                if (err)
                {
                    pSSL_set_ex_data( ssl, error_idx, (void *)err );
                    ret = FALSE;
                }
            }
            CertFreeCertificateContext( endCert );
            CertCloseStore( store, 0 );
        }
    }
    return ret;
}
示例#2
0
文件: net.c 项目: mikekap/wine
const void *netconn_get_certificate( netconn_t *conn )
{
#ifdef SONAME_LIBSSL
    X509 *cert;
    const CERT_CONTEXT *ret;

    if (!conn->secure) return NULL;

    if (!(cert = pSSL_get_peer_certificate( conn->ssl_conn ))) return NULL;
    ret = X509_to_cert_context( cert );
    return ret;
#else
    return NULL;
#endif
}
示例#3
0
LPCVOID NETCON_GetCert(netconn_t *connection)
{
#ifdef SONAME_LIBSSL
    X509* cert;
    LPCVOID r = NULL;

    if (!connection->ssl_s)
        return NULL;

    cert = pSSL_get_peer_certificate(connection->ssl_s);
    r = X509_to_cert_context(cert);
    return r;
#else
    return NULL;
#endif
}