Diffstat (limited to 'src/gnutls_config.c')
-rw-r--r-- | src/gnutls_config.c | 20 |
1 files changed, 16 insertions, 4 deletions
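--- a/src/gnutls_config.c
+++ b/src/gnutls_config.c
@@ -214,19 +214,31 @@ const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy,
 {
 int rv;
 const char* file;
+apr_pool_t* spool;
+gnutls_datum_t data;
+
 mgs_srvconf_rec *sc =
 (mgs_srvconf_rec *) ap_get_module_config(parms->server->
 module_config,
 &gnutls_module);
-file = ap_server_root_relative(parms->pool, arg);
-rv = gnutls_certificate_set_x509_trust_file(sc->certs,
-file, GNUTLS_X509_FMT_PEM);
-
+apr_pool_create(&spool, parms->pool);
+
+file = ap_server_root_relative(spool, arg);
+
+sc->ca_list_size = 16;
+
+load_datum_from_file(spool, file, &data);
+
+rv = gnutls_x509_crt_list_import(sc->ca_list, &sc->ca_list_size,
+&data, GNUTLS_X509_FMT_PEM,
+GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
 if (rv < 0) {
 return apr_psprintf(parms->pool, "GnuTLS: Failed to load "
 "Client CA File '%s': (%d) %s", file, rv,
 gnutls_strerror(rv));
 }
+
+apr_pool_destroy(spool);
 return NULL;
 }
 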
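Review bot: The result of `load_datum_from_file(spool, file, &data);` is discarded and `data` is declared without an initializer, so if the CA file is missing or unreadable, `gnutls_x509_crt_list_import` is handed whatever the stack held. The helper is defined outside this section; assuming it returns a status, check it before the import, e.g. `if (load_datum_from_file(spool, file, &data) != 0) return apr_psprintf(parms->pool, "GnuTLS: Error reading Client CA File '%s'", file);`, and declare `gnutls_datum_t data = { NULL, 0 };`. The literal in `sc->ca_list_size = 16;` has to equal the capacity of `sc->ca_list`, which is declared elsewhere; deriving it from the array or a shared constant would keep the two from drifting, which matters because this list decides which client certificates are trusted. The `rv < 0` return also skips `apr_pool_destroy(spool)`; the subpool is a child of `parms->pool`, so cleanup is only delayed, but `file` lives in `spool` and must be formatted into the message before any destroy added on that path.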