summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
4dbc334)
git-svn-id: https://svn.middleware.georgetown.edu/cpp-xmltooling/trunk@258
de75baf8-a10c-0410-a50a-
987c0e22f00f
case XSECCryptoKey::KEY_RSA_PUBLIC:
{
RSA* rsa = static_cast<OpenSSLCryptoKeyRSA*>(key.get())->getOpenSSLRSA();
case XSECCryptoKey::KEY_RSA_PUBLIC:
{
RSA* rsa = static_cast<OpenSSLCryptoKeyRSA*>(key.get())->getOpenSSLRSA();
- EVP_PKEY* evp = certEE->cert_info->key->pkey;
+ EVP_PKEY* evp = X509_PUBKEY_get(X509_get_X509_PUBKEY(certEE));
if (rsa && evp && evp->type == EVP_PKEY_RSA &&
if (rsa && evp && evp->type == EVP_PKEY_RSA &&
- BN_cmp(rsa->n,evp->pkey.rsa->n) == 0 && BN_cmp(rsa->e,evp->pkey.rsa->e) != 0) {
+ BN_cmp(rsa->n,evp->pkey.rsa->n) == 0 && BN_cmp(rsa->e,evp->pkey.rsa->e) == 0) {
log.debug("end-entity certificate matches peer RSA key information");
log.debug("end-entity certificate matches peer RSA key information");
+ if (evp)
+ EVP_PKEY_free(evp);
+ if (evp)
+ EVP_PKEY_free(evp);
break;
}
case XSECCryptoKey::KEY_DSA_PUBLIC:
{
DSA* dsa = static_cast<OpenSSLCryptoKeyDSA*>(key.get())->getOpenSSLDSA();
break;
}
case XSECCryptoKey::KEY_DSA_PUBLIC:
{
DSA* dsa = static_cast<OpenSSLCryptoKeyDSA*>(key.get())->getOpenSSLDSA();
- EVP_PKEY* evp = certEE->cert_info->key->pkey;
+ EVP_PKEY* evp = X509_PUBKEY_get(X509_get_X509_PUBKEY(certEE));
if (dsa && evp && evp->type == EVP_PKEY_DSA && BN_cmp(dsa->pub_key,evp->pkey.dsa->pub_key) == 0) {
log.debug("end-entity certificate matches peer DSA key information");
if (dsa && evp && evp->type == EVP_PKEY_DSA && BN_cmp(dsa->pub_key,evp->pkey.dsa->pub_key) == 0) {
log.debug("end-entity certificate matches peer DSA key information");
+ if (evp)
+ EVP_PKEY_free(evp);
+ if (evp)
+ EVP_PKEY_free(evp);
curl_easy_setopt(handle,CURLOPT_NOSIGNAL,1);
curl_easy_setopt(handle,CURLOPT_FAILONERROR,1);
curl_easy_setopt(handle,CURLOPT_SSLVERSION,3);
curl_easy_setopt(handle,CURLOPT_NOSIGNAL,1);
curl_easy_setopt(handle,CURLOPT_FAILONERROR,1);
curl_easy_setopt(handle,CURLOPT_SSLVERSION,3);
+ // Verification of the peer is via TrustEngine only.
+ curl_easy_setopt(handle,CURLOPT_SSL_VERIFYPEER,0);
curl_easy_setopt(handle,CURLOPT_SSL_VERIFYHOST,2);
curl_easy_setopt(handle,CURLOPT_HEADERFUNCTION,&curl_header_hook);
curl_easy_setopt(handle,CURLOPT_READFUNCTION,&curl_read_hook);
curl_easy_setopt(handle,CURLOPT_SSL_VERIFYHOST,2);
curl_easy_setopt(handle,CURLOPT_HEADERFUNCTION,&curl_header_hook);
curl_easy_setopt(handle,CURLOPT_READFUNCTION,&curl_read_hook);
curl_easy_setopt(m_handle,CURLOPT_SSL_CTX_DATA,NULL);
}
curl_easy_setopt(m_handle,CURLOPT_SSL_CTX_DATA,NULL);
}
- // Verification of the peer is via TrustEngine only.
- curl_easy_setopt(m_handle,CURLOPT_SSL_VERIFYPEER,0);
-
// Make the call.
log.debug("sending SOAP message to %s", m_endpoint.c_str());
if (curl_easy_perform(m_handle) != CURLE_OK) {
// Make the call.
log.debug("sending SOAP message to %s", m_endpoint.c_str());
if (curl_easy_perform(m_handle) != CURLE_OK) {