eap-tls: Replace l_pem_load_certificate() with newer functions

Stop using l_pem_load_certificate, which has been removed from ell. To
validate certificate files, load them with the same functions that the
TLS implementation itself uses.
Andrew Zaborowski 2018-12-15 00:30:01 +01:00 committed by Denis Kenzior
parent 2ec66c9d3f
commit 961e6d1480
1 changed files with 10 additions and 7 deletions


@ -725,8 +725,6 @@ int eap_tls_common_settings_check(struct l_settings *settings,
char setting_key[72];
char client_cert_setting[72];
char passphrase_setting[72];
uint8_t *cert;
size_t size;
L_AUTO_FREE_VAR(char *, path);
L_AUTO_FREE_VAR(char *, client_cert) = NULL;
@ -735,13 +733,16 @@ int eap_tls_common_settings_check(struct l_settings *settings,
snprintf(setting_key, sizeof(setting_key), "%sCACert", prefix);
path = l_settings_get_string(settings, "Security", setting_key);
if (path) {
cert = l_pem_load_certificate(path, &size);
if (!cert) {
struct l_queue *cacerts;
cacerts = l_pem_load_certificate_list(path);
if (!cacerts) {
l_error("Failed to load %s", path);
return -EIO;
}
l_free(cert);
l_queue_destroy(cacerts,
(l_queue_destroy_func_t) l_cert_free);
}
snprintf(client_cert_setting, sizeof(client_cert_setting),
@ -749,13 +750,15 @@ int eap_tls_common_settings_check(struct l_settings *settings,
client_cert = l_settings_get_string(settings, "Security",
client_cert_setting);
if (client_cert) {
cert = l_pem_load_certificate(client_cert, &size);
struct l_certchain *cert;
cert = l_pem_load_certificate_chain(client_cert);
if (!cert) {
l_error("Failed to load %s", client_cert);
return -EIO;
}
l_free(cert);
l_certchain_free(cert);
}
l_free(path);
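Review bot: The cast `(l_queue_destroy_func_t) l_cert_free` in the CACert branch calls l_cert_free through a function-pointer type that presumably differs from its declared one (hence the cast), which is undefined behaviour in C and is trapped at run time by indirect-call CFI schemes, even though it works on common ABIs. A small static wrapper that takes `void *` and forwards to l_cert_free() would remove the cast, e.g. `static void cert_free_cb(void *data) { l_cert_free(data); }` passed as `l_queue_destroy(cacerts, cert_free_cb);`. Separately, both branches load the file and free the result immediately, so this check proves only that the PEM parses; a comment such as `/* Parse check only: the chain is not verified here */` would keep readers from assuming more. eap_tls_common_settings_check() begins and ends outside the visible hunks.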