1 files changed, 16 insertions, 4 deletions
diff --git a/src/gnutls_config.c b/src/gnutls_config.c
index 1194448..d3879f1 100644
--- a/src/gnutls_config.c
+++ b/src/gnutls_config.c
@@ -214,19 +214,31 @@ const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy,
 {
    int rv;
    const char* file;
+    apr_pool_t* spool;
+    gnutls_datum_t data;
    mgs_srvconf_rec *sc = 
        (mgs_srvconf_rec *) ap_get_module_config(parms->server->
                                                        module_config,
                                                        &gnutls_module);        
-    file = ap_server_root_relative(parms->pool, arg);
+    apr_pool_create(&spool, parms->pool);
-    rv = gnutls_certificate_set_x509_trust_file(sc->certs, 
-                                                file, GNUTLS_X509_FMT_PEM);
+    file = ap_server_root_relative(spool, arg);
-    
+    sc->ca_list_size = 16;
+    load_datum_from_file(spool, file, &data);
+    rv = gnutls_x509_crt_list_import(sc->ca_list, &sc->ca_list_size, 
+                                     &data, GNUTLS_X509_FMT_PEM,
+                                     GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
    if (rv < 0) {
        return apr_psprintf(parms->pool, "GnuTLS: Failed to load "
                            "Client CA File '%s': (%d) %s", file, rv, 
                            gnutls_strerror(rv));   
    }
+    apr_pool_destroy(spool);
    return NULL;
 }

diff --git a/src/gnutls_config.c b/src/gnutls_config.c index 1194448..d3879f1 100644 --- a/src/gnutls_config.c +++ b/src/gnutls_config.c
@@ -214,19 +214,31 @@ const char mgs_set_client_ca_file(cmd_parms parms, void *dummy,
214	{	214	{
215	int rv;	215	int rv;
216	const char* file;	216	const char* file;
		217	apr_pool_t* spool;
		218	gnutls_datum_t data;
		219
217	mgs_srvconf_rec *sc =	220	mgs_srvconf_rec *sc =
218	(mgs_srvconf_rec *) ap_get_module_config(parms->server->	221	(mgs_srvconf_rec *) ap_get_module_config(parms->server->
219	module_config,	222	module_config,
220	&gnutls_module);	223	&gnutls_module);
221	file = ap_server_root_relative(parms->pool, arg);	224	apr_pool_create(&spool, parms->pool);
222	rv = gnutls_certificate_set_x509_trust_file(sc->certs,	225
223	file, GNUTLS_X509_FMT_PEM);	226	file = ap_server_root_relative(spool, arg);
224		227
		228	sc->ca_list_size = 16;
		229
		230	load_datum_from_file(spool, file, &data);
		231
		232	rv = gnutls_x509_crt_list_import(sc->ca_list, &sc->ca_list_size,
		233	&data, GNUTLS_X509_FMT_PEM,
		234	GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
225	if (rv < 0) {	235	if (rv < 0) {
226	return apr_psprintf(parms->pool, "GnuTLS: Failed to load "	236	return apr_psprintf(parms->pool, "GnuTLS: Failed to load "
227	"Client CA File '%s': (%d) %s", file, rv,	237	"Client CA File '%s': (%d) %s", file, rv,
228	gnutls_strerror(rv));	238	gnutls_strerror(rv));
229	}	239	}
		240
		241	apr_pool_destroy(spool);
230	return NULL;	242	return NULL;
231	}	243	}
232		244