Implement wolfSSL_X509_STORE_set_default_paths

2025-01-03 17:09:30 +01:00
parent 5ee8af2351
commit 4cc3eec587
3 changed files with 23 additions and 10 deletions
--- a/src/x509_str.c
+++ b/src/x509_str.c
@ -1474,13 +1474,6 @@ int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store, unsigned long flag)
    return ret;
 }

-
-int wolfSSL_X509_STORE_set_default_paths(WOLFSSL_X509_STORE* store)
-{
-    (void)store;
-    return WOLFSSL_SUCCESS;
-}
-
 int X509StoreLoadCertBuffer(WOLFSSL_X509_STORE *str,
                                        byte *buf, word32 bufLen, int type)
 {
@ -1681,6 +1674,25 @@ WOLFSSL_API int wolfSSL_X509_STORE_load_locations(WOLFSSL_X509_STORE *str,

    return ret;
 }
+
+#if defined(XGETENV) && !defined(NO_GETENV)
+int wolfSSL_X509_STORE_set_default_paths(WOLFSSL_X509_STORE *str)
+{
+    int ret = WOLFSSL_FAILURE;
+    char* certDir = NULL;
+    char* certFile = NULL;
+
+    certDir = wc_strdup_ex(XGETENV("SSL_CERT_DIR"), DYNAMIC_TYPE_TMP_BUFFER);
+    certFile = wc_strdup_ex(XGETENV("SSL_CERT_FILE"), DYNAMIC_TYPE_TMP_BUFFER);
+
+    ret = wolfSSL_X509_STORE_load_locations(str, certFile, certDir);
+
+    XFREE(certFile, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(certDir, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    return ret;
+}
+#endif /* XGETENV && !NO_GETENV */
+
 #endif /* !NO_FILESYSTEM && !NO_WOLFSSL_DIR */

 int wolfSSL_X509_CA_num(WOLFSSL_X509_STORE* store)
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
@ -779,6 +779,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
 #define X509_VERIFY_PARAM_lookup        wolfSSL_X509_VERIFY_PARAM_lookup
 #define X509_VERIFY_PARAM_inherit       wolfSSL_X509_VERIFY_PARAM_inherit
 #define X509_STORE_load_locations       wolfSSL_X509_STORE_load_locations
+#define X509_STORE_set_default_paths    wolfSSL_X509_STORE_set_default_paths
 #define X509_STORE_get0_param           wolfSSL_X509_STORE_get0_param

 #define X509_LOOKUP_add_dir             wolfSSL_X509_LOOKUP_add_dir
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@ -2262,7 +2262,6 @@ WOLFSSL_API WOLFSSL_X509_STORE_CTX *wolfSSL_X509_STORE_CTX_get0_parent_ctx(
                                                   WOLFSSL_X509_STORE_CTX *ctx);
 WOLFSSL_API int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store,
                                                            unsigned long flag);
-WOLFSSL_API int          wolfSSL_X509_STORE_set_default_paths(WOLFSSL_X509_STORE* store);
 WOLFSSL_API int wolfSSL_X509_STORE_get_by_subject(WOLFSSL_X509_STORE_CTX* ctx,
                    int idx, WOLFSSL_X509_NAME* name, WOLFSSL_X509_OBJECT* obj);
 WOLFSSL_API WOLFSSL_X509_VERIFY_PARAM *wolfSSL_X509_STORE_CTX_get0_param(
@ -5729,6 +5728,7 @@ WOLFSSL_API WOLF_STACK_OF(WOLFSSL_COMP) *WOLFSSL_COMP_get_compression_methods(vo
 #define SSL_COMP_get_compression_methods WOLFSSL_COMP_get_compression_methods
 #endif
 WOLFSSL_API int wolfSSL_X509_STORE_load_locations(WOLFSSL_X509_STORE *str, const char *file, const char *dir);
+WOLFSSL_API int wolfSSL_X509_STORE_set_default_paths(WOLFSSL_X509_STORE *str);
 WOLFSSL_API int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *ctx, WOLFSSL_X509_CRL *x);
 WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_num(const WOLF_STACK_OF(WOLFSSL_CIPHER)* p);
 WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_find(