Author: mturk
Date: Thu Jun 30 04:18:36 2011
New Revision: 1141388
URL: http://svn.apache.org/viewvc?rev=1141388&view=rev
Log:
Fix BZ51437 by trying to load the DER cerificate if pem load error was
PEM_R_NO_START_LINE
Modified:
tomcat/native/trunk/native/src/sslcontext.c
Modified: tomcat/native/trunk/native/src/sslcontext.c
URL:
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslcontext.c?rev=1141388&r1=1141387&r2=1141388&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/sslcontext.c (original)
+++ tomcat/native/trunk/native/src/sslcontext.c Thu Jun 30 04:18:36 2011
@@ -474,7 +474,6 @@ static X509 *load_pem_cert(tcn_ssl_ctxt_
BIO *bio = NULL;
X509 *cert = NULL;
tcn_pass_cb_t *cb_data = c->cb_data;
- int i;
if ((bio = BIO_new(BIO_s_file())) == NULL) {
return NULL;
@@ -483,14 +482,14 @@ static X509 *load_pem_cert(tcn_ssl_ctxt_
BIO_free(bio);
return NULL;
}
- for (i = 0; i < 3; i++) {
- cert = PEM_read_bio_X509_AUX(bio, NULL,
- (pem_password_cb *)SSL_password_callback,
- (void *)cb_data);
- if (cert)
- break;
- cb_data->password[0] = '\0';
+ cert = PEM_read_bio_X509_AUX(bio, NULL,
+ (pem_password_cb *)SSL_password_callback,
+ (void *)cb_data);
+ if (cert == NULL &&
+ (ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE)) {
+ ERR_clear_error();
BIO_ctrl(bio, BIO_CTRL_RESET, 0, NULL);
+ cert = d2i_X509_bio(bio, NULL);
}
BIO_free(bio);
return cert;
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
