You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@trafficserver.apache.org by vm...@apache.org on 2010/10/28 01:28:18 UTC

svn commit: r1028138 - /trafficserver/traffic/trunk/iocore/net/SSLNet.cc

Author: vmamidi
Date: Wed Oct 27 23:28:18 2010
New Revision: 1028138

URL: http://svn.apache.org/viewvc?rev=1028138&view=rev
Log:
TS-494 fix for certficate chaining

Modified:
    trafficserver/traffic/trunk/iocore/net/SSLNet.cc

Modified: trafficserver/traffic/trunk/iocore/net/SSLNet.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/SSLNet.cc?rev=1028138&r1=1028137&r2=1028138&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/SSLNet.cc (original)
+++ trafficserver/traffic/trunk/iocore/net/SSLNet.cc Wed Oct 27 23:28:18 2010
@@ -62,13 +62,21 @@ SSL_CTX_add_extra_chain_cert_file(SSL_CT
   }
 
   j = ERR_R_PEM_LIB;
-  x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);
+  while ((x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata)) != NULL) {
+    ret = SSL_CTX_add_extra_chain_cert(ctx, x);
+    if (!ret) {
+        X509_free(x);
+        BIO_free(in);
+	return -1;
+     }
+    }
+/*  x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);
   if (x == NULL) {
     SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, j);
     goto end;
   }
 
-  ret = SSL_CTX_add_extra_chain_cert(ctx, x);
+  ret = SSL_CTX_add_extra_chain_cert(ctx, x);*/
 end:
   //  if (x != NULL) X509_free(x);
   if (in != NULL)