diff options
author | Tor Lillqvist <tlillqvist@suse.com> | 2013-03-14 20:41:38 +0200 |
---|---|---|
committer | Tor Lillqvist <tlillqvist@suse.com> | 2013-03-14 20:57:09 +0200 |
commit | 11aa71c442da422999befbcee79fe1c0c0e7e194 (patch) | |
tree | 36ed1e72e52a30eb106cf11aa6133542ba17cead | |
parent | When debugging, define NE_DEBUGGING (diff) | |
download | core-11aa71c442da422999befbcee79fe1c0c0e7e194.tar.gz core-11aa71c442da422999befbcee79fe1c0c0e7e194.zip |
Use the system root certificates in ne_ssl_trust_default_ca() on Windows
Part of fix for bnc#805901.
Change-Id: Ic0963285eca4e06d60a02746c022c60ae33b0e0e
-rw-r--r-- | neon/makefile.mk | 2 | ||||
-rw-r--r-- | neon/neon_win32_root_certs.patch | 58 |
2 files changed, 59 insertions, 1 deletions
diff --git a/neon/makefile.mk b/neon/makefile.mk index bf5b30262ecb..42e1f1639135 100644 --- a/neon/makefile.mk +++ b/neon/makefile.mk @@ -53,7 +53,7 @@ TARFILE_MD5=ff369e69ef0f0143beb5626164e87ae2 PATCH_FILES=neon.patch neon_ne_set_request_flag.patch .IF "$(GUI)"=="WNT" - PATCH_FILES+=neon_exports_win.patch + PATCH_FILES+=neon_exports_win.patch neon_win32_root_certs.patch .ELSE PATCH_FILES+=neon_exports_unix.patch .ENDIF diff --git a/neon/neon_win32_root_certs.patch b/neon/neon_win32_root_certs.patch new file mode 100644 index 000000000000..a4d915168ef3 --- /dev/null +++ b/neon/neon_win32_root_certs.patch @@ -0,0 +1,58 @@ +--- misc/neon-0.29.5/src/ne_openssl.c ++++ misc/build/neon-0.29.5/src/ne_openssl.c +@@ -41,6 +41,13 @@ + #include <pthread.h> + #endif + ++#ifdef WIN32 ++#define X509_NAME WIN32_X509_NAME ++#include <windows.h> ++#include <wincrypt.h> ++#undef X509_NAME ++#endif ++ + #include "ne_ssl.h" + #include "ne_string.h" + #include "ne_session.h" +@@ -798,6 +798,31 @@ + X509_STORE_load_locations(store, NE_SSL_CA_BUNDLE, NULL); + #else + X509_STORE_set_default_paths(store); ++#ifdef WIN32 ++ { ++ HCERTSTORE hStore; ++ PCCERT_CONTEXT pContext = NULL; ++ X509 *x509; ++ ++ hStore = CertOpenSystemStore(0, "ROOT"); ++ if (hStore) ++ { ++ while (pContext = CertEnumCertificatesInStore(hStore, pContext)) ++ { ++ x509 = d2i_X509(NULL, &pContext->pbCertEncoded, pContext->cbCertEncoded); ++ if (x509) ++ { ++ X509_STORE_add_cert(store, x509); ++ X509_free(x509); ++ } ++ } ++ } ++ ++ CertFreeCertificateContext(pContext); ++ CertCloseStore(hStore, 0); ++ } ++#endif ++ + #endif + } + +--- misc/neon-0.29.5/src/makefile.mk ++++ misc/build/neon-0.29.5/src/makefile.mk +@@ -80,6 +80,7 @@ + .IF "$(GUI)"=="WNT" + SHL1STDLIBS+= $(WS2_32LIB) + SHL1STDLIBS+= $(OPENSSLLIB) ++ SHL1STDLIBS+= crypt32.lib + .ELSE # WNT + .IF "$(OS)"=="SOLARIS" + SHL1STDLIBS+= -lnsl -lsocket -ldl |