error_code GSSEAP_NO_DEFAULT_IDENTITY, "Default credentials identity unavailable"
error_code GSSEAP_NO_DEFAULT_CRED, "Missing default password or other credentials"
error_code GSSEAP_CRED_RESOLVED, "Credential is already fully resolved"
+error_code GSSEAP_BAD_CACERTIFICATE, "CA Certificate could not be parsed by openssl"
#
# Local identity service errors
#include <openssl/bio.h>
#include <openssl/pem.h>
#include <openssl/x509.h>
+#include <stdio.h>
#ifdef HAVE_MOONSHOT_GET_IDENTITY
#include <libmoonshot.h>
}
cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
if (cert == NULL) {
- major = GSS_S_FAILURE;
- *minor = ENOMEM;
+ major = GSS_S_DEFECTIVE_CREDENTIAL;
+ *minor = GSSEAP_BAD_CACERTIFICATE;
goto cleanup;
}
BIO_free(bio);
bio = BIO_new(BIO_s_mem());
if (i2d_X509_bio(bio, cert) < 0) {
- major = GSS_S_FAILURE;
- *minor = ENOMEM; /* TODO */
+ major = GSS_S_DEFECTIVE_CREDENTIAL;
+ *minor = GSSEAP_BAD_CACERTIFICATE;
goto cleanup;
}
BIO_get_mem_ptr(bio, &bptr);
goto cleanup;
}
BIO_free(bio);
+ bio = NULL;
makeStringBufferOrCleanup("blob://ca-cert", &cred->caCertificate);
}