Преглед на файлове

Bug 2034: Custom certificate store file (with fixed path only)

https://winscp.net/tracker/2034

Source commit: f346dbf0071056e1f62fb157ac2abb0d3ca8ab40
Martin Prikryl преди 4 години
родител
ревизия
a411a0072f
променени са 3 файла, в които са добавени 14 реда и са изтрити 0 реда
  1. 7 0
      libs/neon/src/ne_openssl.c
  2. 1 0
      libs/neon/src/ne_session.h
  3. 6 0
      source/core/NeonIntf.cpp

+ 7 - 0
libs/neon/src/ne_openssl.c

@@ -829,6 +829,13 @@ void ne_ssl_trust_default_ca(ne_session *sess)
 #endif
 }
 
+#ifdef WINSCP
+void ne_ssl_set_certificates_storage(ne_session *sess, const char * filename)
+{
+    SSL_CTX_load_verify_locations(sess->ssl_context->ctx, filename, 0);
+}
+#endif
+
 /* Find a friendly name in a PKCS12 structure the hard way, without
  * decrypting the parts which are encrypted.. */
 static char *find_friendly_name(PKCS12 *p12)

+ 1 - 0
libs/neon/src/ne_session.h

@@ -329,6 +329,7 @@ void ne_set_useragent(ne_session *sess, const char *product);
 
 #ifdef WINSCP
 void ne_set_realhost(ne_session *sess, const char *realhost);
+void ne_ssl_set_certificates_storage(ne_session *sess, const char * filename);
 #endif
 
 /* Returns non-zero if next-hop server does not claim compliance to

+ 6 - 0
source/core/NeonIntf.cpp

@@ -111,6 +111,12 @@ void InitNeonSession(ne_session * Session, TProxyMethod ProxyMethod, const Unico
   ne_redirect_register(Session);
   ne_set_useragent(Session, StrToNeon(FORMAT(L"%s/%s", (AppNameString(), Configuration->Version))));
 
+  UnicodeString CertificateStorage = TPath::Combine(ExtractFilePath(ModuleFileName()), L"cacert.pem");
+  if (FileExists(CertificateStorage))
+  {
+    ne_ssl_set_certificates_storage(Session, StrToNeon(CertificateStorage));
+  }
+
   if (Terminal != NULL)
   {
     ne_set_session_private(Session, SESSION_TERMINAL_KEY, Terminal);