svn commit: r1909252 - in /serf/trunk/test: MockHTTPinC/MockHTTP_server.c test_ssl.c

Wed, 19 Apr 2023 10:07:58 -0700 

Author: ivan
Date: Wed Apr 19 17:07:51 2023
New Revision: 1909252

URL: http://svn.apache.org/viewvc?rev=1909252&view=rev
Log:
Do not use OpenSSL functions that operates with FILE to avoid potential CRT
versions mismatch. Use BIO based functions instead.

* test/MockHTTPinC/MockHTTP_server.c
  (initSSLCtx): Use PEM_read_bio_X509() instead of PEM_read_X509() to read
   certificates.
* test/test_ssl.c
  (verify_ocsp_response): Use PEM_read_bio_PrivateKey() instead of
   PEM_read_PrivateKey().
  

Modified:
    serf/trunk/test/MockHTTPinC/MockHTTP_server.c
    serf/trunk/test/test_ssl.c

Modified: serf/trunk/test/MockHTTPinC/MockHTTP_server.c
URL: 
http://svn.apache.org/viewvc/serf/trunk/test/MockHTTPinC/MockHTTP_server.c?rev=1909252&r1=1909251&r2=1909252&view=diff
==============================================================================
--- serf/trunk/test/MockHTTPinC/MockHTTP_server.c (original)
+++ serf/trunk/test/MockHTTPinC/MockHTTP_server.c Wed Apr 19 17:07:51 2023
@@ -2748,12 +2748,12 @@ static apr_status_t initSSLCtx(_mhClient
 
         store = SSL_CTX_get_cert_store(ssl_ctx->ctx);
         for (i = 1; i < cctx->certFiles->nelts; i++) {
-            FILE *fp;
+            BIO *bio;
             certfile = APR_ARRAY_IDX(cctx->certFiles, i, const char *);
-            fp = fopen(certfile, "r");
-            if (fp) {
-                X509 *ssl_cert = PEM_read_X509(fp, NULL, NULL, NULL);
-                fclose(fp);
+            bio = BIO_new_file(certfile, "r");
+            if (bio) {
+                X509 *ssl_cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
+                BIO_free(bio);
 
                 X509_STORE_add_cert(store, ssl_cert);
                 SSL_CTX_add_extra_chain_cert(ssl_ctx->ctx, ssl_cert);

Modified: serf/trunk/test/test_ssl.c
URL: 
http://svn.apache.org/viewvc/serf/trunk/test/test_ssl.c?rev=1909252&r1=1909251&r2=1909252&view=diff
==============================================================================
--- serf/trunk/test/test_ssl.c (original)
+++ serf/trunk/test/test_ssl.c Wed Apr 19 17:07:51 2023
@@ -2571,10 +2571,10 @@ static apr_status_t verify_ocsp_response
             ? get_srcdir_file(tb->pool, "test/certs/private/serfrootcakey.pem")
             : get_srcdir_file(tb->pool, 
"test/certs/private/serfserverkey.pem"));
 
-        FILE * pkey_file = fopen(fname, "rb");
-        if (pkey_file) {
-            pkey = PEM_read_PrivateKey(pkey_file, NULL, pkey_password_cb, 
NULL);
-            fclose(pkey_file);
+        BIO * pkey_bio = BIO_new_file(fname, "rb");
+        if (pkey_bio) {
+            pkey = PEM_read_bio_PrivateKey(pkey_bio, NULL, pkey_password_cb, 
NULL);
+            BIO_free(pkey_bio);
         }
         if (!pkey)
             return APR_EGENERAL;

Reply via email to