Kernel/iwd
3
0
Fork 0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-18 01:59:31 +01:00
Code Releases Activity

eap-tls: Replace l_pem_load_certificate() with newer functions

Browse Source 
Stop using l_pem_load_certificate which has been removed from ell, use
the same functions to load certificate files to validate them as those
used by the TLS implementation itself.
This commit is contained in:
Andrew Zaborowski 2018-12-15 00:30:01 +01:00 committed by Denis Kenzior
parent 2ec66c9d3f
commit 961e6d1480
1 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/eap-tls-common.c
View File

@ -725,8 +725,6 @@ int eap_tls_common_settings_check(struct l_settings *settings,
char setting_key[72];
char client_cert_setting[72];
char passphrase_setting[72];
uint8_t *cert;
size_t size;
L_AUTO_FREE_VAR(char *, path);
L_AUTO_FREE_VAR(char *, client_cert) = NULL;
@ -735,13 +733,16 @@ int eap_tls_common_settings_check(struct l_settings *settings,
snprintf(setting_key, sizeof(setting_key), "%sCACert", prefix);
path = l_settings_get_string(settings, "Security", setting_key);
if (path) {
cert = l_pem_load_certificate(path, &size);
if (!cert) {
struct l_queue *cacerts;
cacerts = l_pem_load_certificate_list(path);
if (!cacerts) {
l_error("Failed to load %s", path);
return -EIO;
}
l_free(cert);
l_queue_destroy(cacerts,
(l_queue_destroy_func_t) l_cert_free);
}
snprintf(client_cert_setting, sizeof(client_cert_setting),
@ -749,13 +750,15 @@ int eap_tls_common_settings_check(struct l_settings *settings,
client_cert = l_settings_get_string(settings, "Security",
client_cert_setting);
if (client_cert) {
cert = l_pem_load_certificate(client_cert, &size);
struct l_certchain *cert;
cert = l_pem_load_certificate_chain(client_cert);
if (!cert) {
l_error("Failed to load %s", client_cert);
return -EIO;
}
l_free(cert);
l_certchain_free(cert);
}
l_free(path);