Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Steve Lhomme
VLC
Commits
54ff6997
Commit
54ff6997
authored
Mar 01, 2012
by
Rémi Denis-Courmont
Browse files
gnutls: simplify x509 certs loading, no need for O_DIRECTORY
parent
7222ec27
Changes
1
Hide whitespace changes
Inline
Side-by-side
modules/misc/gnutls.c
View file @
54ff6997
...
...
@@ -399,9 +399,9 @@ gnutls_SessionPrioritize (vlc_object_t *obj, gnutls_session_t session)
* Loads x509 credentials from a file descriptor (directory or regular file)
* and closes the descriptor.
*/
static
void
gnutls_
Add
x509FD
(
vlc_object_t
*
obj
,
gnutls_certificate_credentials_t
cred
,
int
fd
,
bool
priv
,
unsigned
recursion
)
static
void
gnutls_x509
_Add
FD
(
vlc_object_t
*
obj
,
gnutls_certificate_credentials_t
cred
,
int
fd
,
bool
priv
,
unsigned
recursion
)
{
DIR
*
dir
=
fdopendir
(
fd
);
if
(
dir
!=
NULL
)
...
...
@@ -426,7 +426,7 @@ static void gnutls_Addx509FD (vlc_object_t *obj,
if
(
nfd
!=
-
1
)
{
msg_Dbg
(
obj
,
"loading x509 credentials from %s..."
,
ent
);
gnutls_
Add
x509FD
(
obj
,
cred
,
nfd
,
priv
,
recursion
);
gnutls_x509
_Add
FD
(
obj
,
cred
,
nfd
,
priv
,
recursion
);
}
else
msg_Dbg
(
obj
,
"cannot access x509 credentials in %s"
,
ent
);
...
...
@@ -462,27 +462,11 @@ static void gnutls_Addx509FD (vlc_object_t *obj,
close
(
fd
);
}
static
void
gnutls_
Add
x509
Directory
(
vlc_object_t
*
obj
,
gnutls_certificate_credentials
cred
,
const
char
*
path
,
bool
priv
)
static
void
gnutls_x509
_AddPath
(
vlc_object_t
*
obj
,
gnutls_certificate_credentials
cred
,
const
char
*
path
,
bool
priv
)
{
msg_Dbg
(
obj
,
"browsing x509 credentials in %s..."
,
path
);
int
fd
=
vlc_open
(
path
,
O_RDONLY
|
O_DIRECTORY
);
if
(
fd
==
-
1
)
{
msg_Warn
(
obj
,
"cannot access x509 in %s: %m"
,
path
);
return
;
}
gnutls_Addx509FD
(
obj
,
cred
,
fd
,
priv
,
5
);
}
static
void
gnutls_Addx509File
(
vlc_object_t
*
obj
,
gnutls_certificate_credentials
cred
,
const
char
*
path
,
bool
priv
)
{
msg_Dbg
(
obj
,
"loading x509 credentials from %s..."
,
path
);
msg_Dbg
(
obj
,
"loading x509 credentials in %s..."
,
path
);
int
fd
=
vlc_open
(
path
,
O_RDONLY
);
if
(
fd
==
-
1
)
{
...
...
@@ -490,7 +474,7 @@ static void gnutls_Addx509File (vlc_object_t *obj,
return
;
}
gnutls_
Add
x509FD
(
obj
,
cred
,
fd
,
priv
,
0
);
gnutls_x509
_Add
FD
(
obj
,
cred
,
fd
,
priv
,
5
);
}
#else
/* WIN32 */
static
int
...
...
@@ -557,14 +541,14 @@ static int OpenClient (vlc_tls_t *session, int fd, const char *hostname)
char
*
userdir
=
config_GetUserDir
(
VLC_DATA_DIR
);
if
(
userdir
!=
NULL
)
{
char
path
[
strlen
(
userdir
)
+
sizeof
(
"/ssl/private"
)];
char
path
[
strlen
(
userdir
)
+
sizeof
(
"/ssl/private
/
"
)];
sprintf
(
path
,
"%s/ssl"
,
userdir
);
vlc_mkdir
(
path
,
0755
);
sprintf
(
path
,
"%s/ssl/certs"
,
userdir
);
gnutls_
Add
x509
Directory
(
VLC_OBJECT
(
session
),
sys
->
x509_cred
,
path
,
false
);
sprintf
(
path
,
"%s/ssl/private"
,
userdir
);
gnutls_
Add
x509
Directory
(
VLC_OBJECT
(
session
),
sys
->
x509_cred
,
path
,
true
);
sprintf
(
path
,
"%s/ssl/certs
/
"
,
userdir
);
gnutls_x509
_AddPath
(
VLC_OBJECT
(
session
),
sys
->
x509_cred
,
path
,
false
);
sprintf
(
path
,
"%s/ssl/private
/
"
,
userdir
);
gnutls_x509
_AddPath
(
VLC_OBJECT
(
session
),
sys
->
x509_cred
,
path
,
true
);
free
(
userdir
);
}
...
...
@@ -573,7 +557,7 @@ static int OpenClient (vlc_tls_t *session, int fd, const char *hostname)
char
path
[
strlen
(
confdir
)
+
sizeof
(
"/ssl/certs/ca-certificates.crt"
)];
sprintf
(
path
,
"%s/ssl/certs/ca-certificates.crt"
,
confdir
);
gnutls_
Add
x509
File
(
VLC_OBJECT
(
session
),
sys
->
x509_cred
,
path
,
false
);
gnutls_x509
_AddPath
(
VLC_OBJECT
(
session
),
sys
->
x509_cred
,
path
,
false
);
}
#else
/* WIN32 */
gnutls_loadOSCAList
(
VLC_OBJECT
(
session
),
sys
->
x509_cred
);
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment