diff --git a/examples/client/client.c b/examples/client/client.c index 1ae41cf87..9d948ba34 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -127,8 +127,8 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args) char resumeMsg[] = "resuming cyassl!"; int resumeSz = sizeof(resumeMsg); - char msg[64] = "hello cyassl!"; - char reply[1024]; + char msg[32] = "hello cyassl!"; /* GET may make bigger */ + char reply[80]; int input; int msgSz = (int)strlen(msg); diff --git a/examples/server/server.c b/examples/server/server.c index 0108909cf..db87df42e 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -120,7 +120,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) SSL* ssl = 0; char msg[] = "I hear you fa shizzle!"; - char input[1024]; + char input[80]; int idx; int ch; int version = SERVER_DEFAULT_VERSION; diff --git a/src/ssl.c b/src/ssl.c index c7ef3aebf..562f5008f 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1511,6 +1511,47 @@ static int ProcessChainBuffer(CYASSL_CTX* ctx, const unsigned char* buff, } +/* Verify the ceritficate, 1 for success, < 0 for error */ +int CyaSSL_CertManagerVerifyBuffer(CYASSL_CERT_MANAGER* cm, const byte* buff, + long sz, int format) +{ + int ret = 0; + int eccKey = 0; /* not used */ + + DecodedCert cert; + buffer der; + + CYASSL_ENTER("CyaSSL_CertManagerVerifyBuffer"); + + der.buffer = NULL; + der.length = 0; + + if (format == SSL_FILETYPE_PEM) { + EncryptedInfo info; + + info.set = 0; + info.ctx = NULL; + info.consumed = 0; + ret = PemToDer(buff, sz, CERT_TYPE, &der, cm->heap, &info, &eccKey); + InitDecodedCert(&cert, der.buffer, der.length, cm->heap); + } + else + InitDecodedCert(&cert, (byte*)buff, (word32)sz, cm->heap); + + if (ret == 0) + ret = ParseCertRelative(&cert, CERT_TYPE, 1, cm); +#ifdef HAVE_CRL + if (ret == 0 && cm->crlEnabled) + ret = CheckCertCRL(cm->crl, &cert); +#endif + + FreeDecodedCert(&cert); + XFREE(der.buffer, cm->heap, DYNAMIC_TYPE_CERT); + + return ret; +} + + #ifndef NO_FILESYSTEM #if defined(EBSNET) @@ -1707,47 +1748,6 @@ int CyaSSL_CTX_load_verify_locations(CYASSL_CTX* ctx, const char* file, } -/* Verify the ceritficate, 1 for success, < 0 for error */ -int CyaSSL_CertManagerVerifyBuffer(CYASSL_CERT_MANAGER* cm, const byte* buff, - long sz, int format) -{ - int ret = 0; - int eccKey = 0; /* not used */ - - DecodedCert cert; - buffer der; - - CYASSL_ENTER("CyaSSL_CertManagerVerifyBuffer"); - - der.buffer = NULL; - der.length = 0; - - if (format == SSL_FILETYPE_PEM) { - EncryptedInfo info; - - info.set = 0; - info.ctx = NULL; - info.consumed = 0; - ret = PemToDer(buff, sz, CERT_TYPE, &der, cm->heap, &info, &eccKey); - InitDecodedCert(&cert, der.buffer, der.length, cm->heap); - } - else - InitDecodedCert(&cert, (byte*)buff, (word32)sz, cm->heap); - - if (ret == 0) - ret = ParseCertRelative(&cert, CERT_TYPE, 1, cm); -#ifdef HAVE_CRL - if (ret == 0 && cm->crlEnabled) - ret = CheckCertCRL(cm->crl, &cert); -#endif - - FreeDecodedCert(&cert); - XFREE(der.buffer, cm->heap, DYNAMIC_TYPE_CERT); - - return ret; -} - - /* Verify the ceritficate, 1 for success, < 0 for error */ int CyaSSL_CertManagerVerify(CYASSL_CERT_MANAGER* cm, const char* fname, int format)