Diffstat (limited to 'src')
-rw-r--r-- | src/gnutls_config.c | 32 |
1 files changed, 27 insertions, 5 deletions
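--- a/src/gnutls_config.c
+++ b/src/gnutls_config.c
@@ -398,6 +398,7 @@ const char *mgs_set_client_verify(cmd_parms * parms, void *dummy,
 return NULL;
 }
 
+#define INIT_CA_SIZE 128
 const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy,
 const char *arg)
 {
@@ -419,15 +420,36 @@ const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy,
 "Client CA File '%s'", file);
 }
 
-sc->ca_list_size = MAX_CA_CRTS;
+sc->ca_list_size = INIT_CA_SIZE;
+sc->ca_list = malloc(sc->ca_list_size * sizeof(*sc->ca_list));
+if (sc->ca_list == NULL) {
+return apr_psprintf(parms->pool, "mod_gnutls: Memory allocation error");
+}
+
 rv = gnutls_x509_crt_list_import(sc->ca_list, &sc->ca_list_size,
-&data, GNUTLS_X509_FMT_PEM,
-GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
-if (rv < 0) {
-return apr_psprintf(parms->pool, "GnuTLS: Failed to load "
+&data, GNUTLS_X509_FMT_PEM, GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
+if (rv < 0 && rv != GNUTLS_E_SHORT_MEMORY_BUFFER) {
+return apr_psprintf(parms->pool, "GnuTLS: Failed to load "
 "Client CA File '%s': (%d) %s", file, rv,
 gnutls_strerror(rv));
 }
+
+if (INIT_CA_SIZE < sc->ca_list_size) {
+sc->ca_list = realloc(sc->ca_list, sc->ca_list_size*sizeof(*sc->ca_list));
+if (sc->ca_list == NULL) {
+return apr_psprintf(parms->pool, "mod_gnutls: Memory allocation error");
+}
+
+/* re-read */
+rv = gnutls_x509_crt_list_import(sc->ca_list, &sc->ca_list_size,
+&data, GNUTLS_X509_FMT_PEM, 0);
+
+if (rv < 0) {
+return apr_psprintf(parms->pool, "GnuTLS: Failed to load "
+"Client CA File '%s': (%d) %s", file, rv,
+gnutls_strerror(rv));
+}
+}
 
 apr_pool_destroy(spool);
 return NULL;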
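Review bot: The retry at new line 437 is gated on `INIT_CA_SIZE < sc->ca_list_size` rather than on the return code that new line 431 deliberately lets through. If the first import returns GNUTLS_E_SHORT_MEMORY_BUFFER without raising `ca_list_size` above 128, the function reaches `return NULL` and reports success with no usable client CA list. Gating on the error itself, `if (rv == GNUTLS_E_SHORT_MEMORY_BUFFER) {`, makes that path fail closed; whether GnuTLS always updates the count in that case is not visible here and should be confirmed. At new line 438 the `realloc` result overwrites `sc->ca_list`, so the original buffer is leaked on failure. Because the list is now `malloc`ed rather than pool-allocated, the error returns at new lines 432 and 448 also leave it allocated, so a temporary pointer for `realloc` and a `free(sc->ca_list); sc->ca_list = NULL;` before those returns would help. The body of mgs_set_client_ca_file starts and ends outside the hunk.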