Diffstat (limited to 'src/gnutls_config.c')
-rw-r--r--src/gnutls_config.c20
1 files changed, 16 insertions, 4 deletions
diff --git a/src/gnutls_config.c b/src/gnutls_config.c
index 1194448..d3879f1 100644
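--- a/src/gnutls_config.c
+++ b/src/gnutls_config.c
@@ -214,19 +214,31 @@ const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy,
 {
  int rv;
  const char* file;
+ apr_pool_t* spool;
+ gnutls_datum_t data;
+
  mgs_srvconf_rec *sc =
  (mgs_srvconf_rec *) ap_get_module_config(parms->server->
  module_config,
  &gnutls_module);
- file = ap_server_root_relative(parms->pool, arg);
- rv = gnutls_certificate_set_x509_trust_file(sc->certs,
- file, GNUTLS_X509_FMT_PEM);
-
+ apr_pool_create(&spool, parms->pool);
+
+ file = ap_server_root_relative(spool, arg);
+
+ sc->ca_list_size = 16;
+
+ load_datum_from_file(spool, file, &data);
+
+ rv = gnutls_x509_crt_list_import(sc->ca_list, &sc->ca_list_size,
+ &data, GNUTLS_X509_FMT_PEM,
+ GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
  if (rv < 0) {
  return apr_psprintf(parms->pool, "GnuTLS: Failed to load "
  "Client CA File '%s': (%d) %s", file, rv,
  gnutls_strerror(rv));
  }
+
+ apr_pool_destroy(spool);
  return NULL;
 }
 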
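Review bot: The result of `load_datum_from_file(spool, file, &data)` is discarded, so a missing or unreadable client CA file may leave `data` unset when it reaches `gnutls_x509_crt_list_import`; the helper's contract is not visible in this hunk, so this is inferred from the call site. Since this list is the trust anchor set for client certificates, the directive should fail configuration before the import, for example `if (load_datum_from_file(spool, file, &data) != 0) return apr_psprintf(parms->pool, "GnuTLS: Error reading Client CA File '%s'", file);` assuming the helper returns non-zero on failure. The `rv < 0` branch also returns without `apr_pool_destroy(spool)`, so the subpool lives until `parms->pool` is cleaned up; format the message first, destroy the subpool, then return. Finally, `sc->ca_list_size = 16` is a bare constant that has to match the declared length of `sc->ca_list` (not shown here), and with `GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED` a bundle with more than 16 CAs is rejected, so a named constant shared with the array declaration and a comment stating the limit would help.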