XRootD
XrdTlsPeerCerts.cc
Go to the documentation of this file.
1
/******************************************************************************/
2
/* */
3
/* X r d T l s P e e r C e r t s . c c */
4
/* */
5
/* (c) 2020 by the Board of Trustees of the Leland Stanford, Jr., University */
6
/* Produced by Andrew Hanushevsky for Stanford University under contract */
7
/* DE-AC02-76-SFO0515 with the Department of Energy */
8
/* */
9
/* This file is part of the XRootD software suite. */
10
/* */
11
/* XRootD is free software: you can redistribute it and/or modify it under */
12
/* the terms of the GNU Lesser General Public License as published by the */
13
/* Free Software Foundation, either version 3 of the License, or (at your */
14
/* option) any later version. */
15
/* */
16
/* XRootD is distributed in the hope that it will be useful, but WITHOUT */
17
/* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
18
/* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
19
/* License for more details. */
20
/* */
21
/* You should have received a copy of the GNU Lesser General Public License */
22
/* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
23
/* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
24
/* */
25
/* The copyright holder's institutional names and contributor's names may not */
26
/* be used to endorse or promote products derived from this software without */
27
/* specific prior written permission of the institution or contributor. */
28
/******************************************************************************/
29
30
#include "
XrdTls/XrdTlsPeerCerts.hh
"
31
32
/******************************************************************************/
33
/* L o c a l C o m p a t a b i l i t y F u n c t i o n s */
34
/******************************************************************************/
35
36
// Version of OpenSSL < 1.1 do not have X509_up_ref() so we need to implement
37
// it using basic functions which only appear in 1.0.x. What a hack!
38
//
39
#if OPENSSL_VERSION_NUMBER < 0x10100000L
40
#include <openssl/crypto.h>
41
namespace
42
{
43
int
X509_up_ref(X509 *cert)
44
{
45
#ifdef CRYPTO_add
46
if
(cert && (CRYPTO_add(&(cert->references), 1, CRYPTO_LOCK_X509)) > 1)
47
return
1;
48
#endif
49
50
return
0;
51
}
52
}
53
#else
54
#include <openssl/x509.h>
55
#endif
56
57
/******************************************************************************/
58
/* D e s t r u c t o r */
59
/******************************************************************************/
60
61
XrdTlsPeerCerts::~XrdTlsPeerCerts
()
62
{
63
// Free the peer cert
64
//
65
if
(cert) X509_free(cert);
66
67
// Free the chain (we don't have to as only get1 call creates a copy.
68
//
69
// if (chain) sk_X509_pop_free(chain, X509_free);
70
}
71
72
/******************************************************************************/
73
/* g e t C e r t */
74
/******************************************************************************/
75
76
X509 *
XrdTlsPeerCerts::getCert
(
bool
upref)
77
{
78
// If we have a cert and we need to up the reference, do so. Note that upref
79
// may fail; in which case we return a nil pointer to avoid a future segv.
80
//
81
if
(cert && upref && !X509_up_ref(cert))
return
0;
82
return
cert;
83
}
XrdTlsPeerCerts.hh
XrdTlsPeerCerts::getCert
X509 * getCert(bool upref=true)
Definition:
XrdTlsPeerCerts.cc:76
XrdTlsPeerCerts::~XrdTlsPeerCerts
~XrdTlsPeerCerts()
Definition:
XrdTlsPeerCerts.cc:61
XrdTls
XrdTlsPeerCerts.cc
Generated by
1.9.1