summaryrefslogtreecommitdiffstats
path: root/tdeio/kssl/ksslcertificate.cc
diff options
context:
space:
mode:
Diffstat (limited to 'tdeio/kssl/ksslcertificate.cc')
-rw-r--r--tdeio/kssl/ksslcertificate.cc57
1 files changed, 53 insertions, 4 deletions
diff --git a/tdeio/kssl/ksslcertificate.cc b/tdeio/kssl/ksslcertificate.cc
index 1f95c39..95e0866 100644
--- a/tdeio/kssl/ksslcertificate.cc
+++ b/tdeio/kssl/ksslcertificate.cc
@@ -83,6 +83,7 @@ public:
bool m_stateCached;
#ifdef KSSL_HAVE_SSL
X509 *m_cert;
+ X509_CRL *m_cert_crl;
#endif
KOSSL *kossl;
KSSLCertChain _chain;
@@ -161,6 +162,26 @@ KSSLCertificate *n = NULL;
return n;
}
+KSSLCertificate *KSSLCertificate::crlFromString(TQCString cert) {
+KSSLCertificate *n = NULL;
+#ifdef KSSL_HAVE_SSL
+ if (cert.length() == 0)
+ return NULL;
+
+ TQByteArray qba, qbb = cert.copy();
+ KCodecs::base64Decode(qbb, qba);
+ unsigned char *qbap = reinterpret_cast<unsigned char *>(qba.data());
+ X509_CRL *x5c = KOSSL::self()->d2i_X509_CRL(NULL, &qbap, qba.size());
+ if (!x5c) {
+ return NULL;
+ }
+
+ n = new KSSLCertificate;
+ n->setCRL(x5c);
+#endif
+return n;
+}
+
TQString KSSLCertificate::getSubject() const {
@@ -544,6 +565,17 @@ d->m_stateCached = false;
d->m_stateCache = KSSLCertificate::Unknown;
}
+void KSSLCertificate::setCRL(X509_CRL *c) {
+#ifdef KSSL_HAVE_SSL
+d->m_cert_crl = c;
+if (c) {
+ d->_extensions.flags = 0;
+}
+#endif
+d->m_stateCached = false;
+d->m_stateCache = KSSLCertificate::Unknown;
+}
+
X509 *KSSLCertificate::getCert() {
#ifdef KSSL_HAVE_SSL
return d->m_cert;
@@ -624,7 +656,6 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi
X509_STORE *certStore;
X509_LOOKUP *certLookup;
X509_STORE_CTX *certStoreCTX;
- int rc = 0;
if (!d->m_cert)
{
@@ -702,7 +733,7 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi
KSSL_X509CallBack_ca_found = false;
certStoreCTX->error = X509_V_OK;
- rc = d->kossl->X509_verify_cert(certStoreCTX);
+ d->kossl->X509_verify_cert(certStoreCTX);
int errcode = certStoreCTX->error;
if (ca && !KSSL_X509CallBack_ca_found) {
ksslv = KSSLCertificate::Irrelevant;
@@ -717,7 +748,7 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi
X509_PURPOSE_NS_SSL_SERVER);
certStoreCTX->error = X509_V_OK;
- rc = d->kossl->X509_verify_cert(certStoreCTX);
+ d->kossl->X509_verify_cert(certStoreCTX);
errcode = certStoreCTX->error;
ksslv = processError(errcode);
}
@@ -885,6 +916,24 @@ return TQDateTime::currentDateTime();
}
+TQDateTime KSSLCertificate::getQDTLastUpdate() const {
+#ifdef KSSL_HAVE_SSL
+return ASN1_UTCTIME_QDateTime(X509_CRL_get_lastUpdate(d->m_cert_crl), NULL);
+#else
+return TQDateTime::currentDateTime();
+#endif
+}
+
+
+TQDateTime KSSLCertificate::getQDTNextUpdate() const {
+#ifdef KSSL_HAVE_SSL
+return ASN1_UTCTIME_QDateTime(X509_CRL_get_nextUpdate(d->m_cert_crl), NULL);
+#else
+return TQDateTime::currentDateTime();
+#endif
+}
+
+
int operator==(KSSLCertificate &x, KSSLCertificate &y) {
#ifndef KSSL_HAVE_SSL
return 1;
@@ -1115,7 +1164,7 @@ TQStringList KSSLCertificate::subjAltNames() const {
TQString s = (const char *)d->kossl->ASN1_STRING_data(val->d.ia5);
if (!s.isEmpty() &&
/* skip subjectAltNames with embedded NULs */
- s.length() == d->kossl->ASN1_STRING_length(val->d.ia5)) {
+ s.length() == (unsigned int)d->kossl->ASN1_STRING_length(val->d.ia5)) {
rc += s;
}
}