*/
#include "gssapiP_eap.h"
-#include <openssl/bio.h>
-#include <openssl/pem.h>
-#include <openssl/x509.h>
-#include <stdio.h>
+#include <glib.h>
#ifdef HAVE_MOONSHOT_GET_IDENTITY
#include <libmoonshot.h>
char *subjectNameConstraint = NULL;
char *subjectAltNameConstraint = NULL;
MoonshotError *error = NULL;
- BIO *bio = NULL;
if (cred->name != GSS_C_NO_NAME) {
major = gssEapDisplayName(minor, cred->name, &initiator, NULL);
cred->caCertificate.length = HASH_PREFIX_LEN + len;
} else if (!stringEmpty(caCertificate)) {
- BUF_MEM *bptr;
- X509 *cert;
gss_buffer_desc tmp;
-
- bio = BIO_new_mem_buf(caCertificate, -1);
- if (bio == NULL) {
- major = GSS_S_FAILURE;
- *minor = ENOMEM;
- goto cleanup;
- }
- cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
- if (cert == NULL) {
- major = GSS_S_DEFECTIVE_CREDENTIAL;
- *minor = GSSEAP_BAD_CACERTIFICATE;
- goto cleanup;
- }
- BIO_free(bio);
- bio = BIO_new(BIO_s_mem());
- if (i2d_X509_bio(bio, cert) < 0) {
+ tmp.value = g_base64_decode(caCertificate, &tmp.length);
+ if (tmp.value == NULL) {
major = GSS_S_DEFECTIVE_CREDENTIAL;
*minor = GSSEAP_BAD_CACERTIFICATE;
goto cleanup;
}
- BIO_get_mem_ptr(bio, &bptr);
- tmp.value = bptr->data;
- tmp.length = bptr->length;
major = duplicateBuffer(minor, &tmp, &cred->caCertificateBlob);
+ g_free(tmp.value);
if (major != GSS_S_COMPLETE) {
goto cleanup;
}
- BIO_free(bio);
- bio = NULL;
makeStringBufferOrCleanup("blob://ca-cert", &cred->caCertificate);
}
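Review bot: The `tmp.value == NULL` guard after `g_base64_decode` does not reject a malformed CA certificate: GLib's decoder, as far as I know, skips characters outside the base64 alphabet and returns NULL only for a NULL argument, so garbage or PEM-armoured input still yields a non-NULL buffer that is copied into `cred->caCertificateBlob`. The removed side parsed the value with `PEM_read_bio_X509` and failed with `GSSEAP_BAD_CACERTIFICATE` on anything that was not a certificate; the new side no longer checks the trust anchor at ingestion and also silently changes the expected input from PEM to bare base64 DER. At minimum widen the guard to `if (tmp.value == NULL || tmp.length == 0) {` and put `g_free(tmp.value);` before that branch's `goto cleanup;`, and consider keeping a DER parse of the decoded bytes so a bad blob fails here rather than later during server certificate validation. A short comment such as `/* caCertificate is base64-encoded DER, without PEM armour */` above the decode would document the format. The enclosing function starts and ends outside this hunk.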
moonshot_free(caCertificate);
moonshot_free(subjectNameConstraint);
moonshot_free(subjectAltNameConstraint);
- BIO_free(bio);
gss_release_buffer(&tmpMinor, &initiator);
gss_release_buffer(&tmpMinor, &target);