mirror of
https://github.com/CAcertOrg/cats.git
synced 2024-11-03 12:44:03 +00:00
Adjustments to support class 3 client certificates
This commit is contained in:
parent
fa27e3da5f
commit
73ccca3694
1 changed files with 7 additions and 4 deletions
|
@ -3,8 +3,9 @@ use Socket;
|
||||||
use Net::SSLeay qw(die_now die_if_ssl_error) ;
|
use Net::SSLeay qw(die_now die_if_ssl_error) ;
|
||||||
use DBI;
|
use DBI;
|
||||||
|
|
||||||
my $CertFile = "cert_200808.pem";
|
# Be sure the CertFile includes a key chain if you are using class 3 certificates
|
||||||
my $KeyFile = "key_200808.pem";
|
my $CertFile;
|
||||||
|
my $KeyFile;
|
||||||
my $CAfile = "CAcert_roots.pem";
|
my $CAfile = "CAcert_roots.pem";
|
||||||
my $TargetHost="secure.cacert.org";
|
my $TargetHost="secure.cacert.org";
|
||||||
my $TargetScript="cats/cats_import.php";
|
my $TargetScript="cats/cats_import.php";
|
||||||
|
@ -57,7 +58,7 @@ sub SendRecord($$$$$$)
|
||||||
die_if_ssl_error("ssl_read_CRLF");
|
die_if_ssl_error("ssl_read_CRLF");
|
||||||
if (!$CurLine) {
|
if (!$CurLine) {
|
||||||
print "ssl_read_CRLF returns nothing\n";
|
print "ssl_read_CRLF returns nothing\n";
|
||||||
return "BREAK";
|
return (1, "BREAK");
|
||||||
}
|
}
|
||||||
if (CurLine =~ /^HTTP\/[0-9.]+ (\d+) (.+)/i) {
|
if (CurLine =~ /^HTTP\/[0-9.]+ (\d+) (.+)/i) {
|
||||||
$HTTPResult = $1;
|
$HTTPResult = $1;
|
||||||
|
@ -205,8 +206,10 @@ do {
|
||||||
# Set accepted CAs
|
# Set accepted CAs
|
||||||
Net::SSLeay::CTX_load_verify_locations($ctx, $CAfile, 0);
|
Net::SSLeay::CTX_load_verify_locations($ctx, $CAfile, 0);
|
||||||
|
|
||||||
# Add client vertificate
|
# Add client certificate
|
||||||
Net::SSLeay::set_cert_and_key($ctx, $CertFile, $KeyFile);
|
Net::SSLeay::set_cert_and_key($ctx, $CertFile, $KeyFile);
|
||||||
|
#Net::SSLeay::CTX_use_certificate_chain_file($ctx, $CertFile);
|
||||||
|
#Net::SSLeay::CTX_use_PrivateKey_file($ctx, $KeyFile, &Net::SSLeay::FILETYPE_PEM);
|
||||||
|
|
||||||
$ssl = Net::SSLeay::new($ctx) or die_now("Failed to create SSL $!");
|
$ssl = Net::SSLeay::new($ctx) or die_now("Failed to create SSL $!");
|
||||||
Net::SSLeay::set_fd($ssl, fileno(S)); # Must use fileno
|
Net::SSLeay::set_fd($ssl, fileno(S)); # Must use fileno
|
||||||
|
|
Loading…
Reference in a new issue