diff --git a/CHANGES b/CHANGES index 11ebbe1d97392abfc82feef331928b9d4cf7d4f2..5d129a825af826a0000a7a667b408584cba6d661 100644 --- a/CHANGES +++ b/CHANGES @@ -12,6 +12,9 @@ *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7 +) applies to 0.9.7 only + +) Add an implementation of SSL_add_dir_cert_subjects_to_stack for Win32. + [Massimo Santin via Richard Levitte] + +) Major restructuring to the underlying ENGINE code. This includes reduction of linker bloat, separation of pure "ENGINE" manipulation (initialisation, etc) from functionality dealing with implementations diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 6895f6216653f0325d4475af0cfc82e32d1555e0..cf7102bdc22900e0af6159737e4228b8fb16986c 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -115,6 +115,10 @@ #include #endif +#if defined(WIN32) +#include +#endif + #ifdef NeXT #include #define dirent direct @@ -771,4 +775,52 @@ err: #endif #endif + +#else + +int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, + const char *dir) + { + WIN32_FIND_DATA FindFileData; + HANDLE hFind; + int ret = 0; + + CRYPTO_w_lock(CRYPTO_LOCK_READDIR); + + hFind = FindFirstFile(dir, &FindFileData); + /* Note that a side effect is that the CAs will be sorted by name */ + if(hFind == INVALID_HANDLE_VALUE) + { + SYSerr(SYS_F_OPENDIR, get_last_sys_error()); + ERR_add_error_data(3, "opendir('", dir, "')"); + SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB); + goto err; + } + + do + { + char buf[1024]; + int r; + + if(strlen(dir)+strlen(FindFileData.cFileName)+2 > sizeof buf) + { + SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG); + goto err; + } + + r = BIO_snprintf(buf,sizeof buf,"%s/%s",dir,FindFileData.cFileName); + if (r <= 0 || r >= sizeof buf) + goto err; + if(!SSL_add_file_cert_subjects_to_stack(stack,buf)) + goto err; + } + while (FindNextFile(hFind, &FindFileData) != FALSE); + FindClose(hFind); + ret = 1; + +err: + CRYPTO_w_unlock(CRYPTO_LOCK_READDIR); + return ret; + } + #endif