Author: ivan Date: Wed Apr 19 17:07:51 2023 New Revision: 1909252 URL: http://svn.apache.org/viewvc?rev=1909252&view=rev Log: Do not use OpenSSL functions that operates with FILE to avoid potential CRT versions mismatch. Use BIO based functions instead.
* test/MockHTTPinC/MockHTTP_server.c (initSSLCtx): Use PEM_read_bio_X509() instead of PEM_read_X509() to read certificates. * test/test_ssl.c (verify_ocsp_response): Use PEM_read_bio_PrivateKey() instead of PEM_read_PrivateKey(). Modified: serf/trunk/test/MockHTTPinC/MockHTTP_server.c serf/trunk/test/test_ssl.c Modified: serf/trunk/test/MockHTTPinC/MockHTTP_server.c URL: http://svn.apache.org/viewvc/serf/trunk/test/MockHTTPinC/MockHTTP_server.c?rev=1909252&r1=1909251&r2=1909252&view=diff ============================================================================== --- serf/trunk/test/MockHTTPinC/MockHTTP_server.c (original) +++ serf/trunk/test/MockHTTPinC/MockHTTP_server.c Wed Apr 19 17:07:51 2023 @@ -2748,12 +2748,12 @@ static apr_status_t initSSLCtx(_mhClient store = SSL_CTX_get_cert_store(ssl_ctx->ctx); for (i = 1; i < cctx->certFiles->nelts; i++) { - FILE *fp; + BIO *bio; certfile = APR_ARRAY_IDX(cctx->certFiles, i, const char *); - fp = fopen(certfile, "r"); - if (fp) { - X509 *ssl_cert = PEM_read_X509(fp, NULL, NULL, NULL); - fclose(fp); + bio = BIO_new_file(certfile, "r"); + if (bio) { + X509 *ssl_cert = PEM_read_bio_X509(bio, NULL, NULL, NULL); + BIO_free(bio); X509_STORE_add_cert(store, ssl_cert); SSL_CTX_add_extra_chain_cert(ssl_ctx->ctx, ssl_cert); Modified: serf/trunk/test/test_ssl.c URL: http://svn.apache.org/viewvc/serf/trunk/test/test_ssl.c?rev=1909252&r1=1909251&r2=1909252&view=diff ============================================================================== --- serf/trunk/test/test_ssl.c (original) +++ serf/trunk/test/test_ssl.c Wed Apr 19 17:07:51 2023 @@ -2571,10 +2571,10 @@ static apr_status_t verify_ocsp_response ? get_srcdir_file(tb->pool, "test/certs/private/serfrootcakey.pem") : get_srcdir_file(tb->pool, "test/certs/private/serfserverkey.pem")); - FILE * pkey_file = fopen(fname, "rb"); - if (pkey_file) { - pkey = PEM_read_PrivateKey(pkey_file, NULL, pkey_password_cb, NULL); - fclose(pkey_file); + BIO * pkey_bio = BIO_new_file(fname, "rb"); + if (pkey_bio) { + pkey = PEM_read_bio_PrivateKey(pkey_bio, NULL, pkey_password_cb, NULL); + BIO_free(pkey_bio); } if (!pkey) return APR_EGENERAL;