X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=engines%2Fe_capi.c;h=e98946c85a0a288c8ac925db665785f980bc32fe;hb=c60dca1f95457a9cb6deca7a4c3f81f99fe05b11;hp=568b8d3632f52c1035b207e8de098128fa40bea3;hpb=540e455e3acd4d020c2911d1600c79b4b574700b;p=oweals%2Fopenssl.git diff --git a/engines/e_capi.c b/engines/e_capi.c index 568b8d3632..e98946c85a 100644 --- a/engines/e_capi.c +++ b/engines/e_capi.c @@ -62,14 +62,30 @@ #ifdef OPENSSL_SYS_WIN32 #ifndef OPENSSL_NO_CAPIENG + #include + +#ifndef _WIN32_WINNT +#define _WIN32_WINNT 0x0400 +#endif + #include #undef X509_EXTENSIONS #undef X509_CERT_PAIR +/* Definitions which may be missing from earlier version of headers */ +#ifndef CERT_STORE_OPEN_EXISTING_FLAG +#define CERT_STORE_OPEN_EXISTING_FLAG 0x00004000 +#endif + +#ifndef CERT_STORE_CREATE_NEW_FLAG +#define CERT_STORE_CREATE_NEW_FLAG 0x00002000 +#endif + #include #include +#include #include "e_capi_err.h" #include "e_capi_err.c" @@ -700,7 +716,7 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY *key) return ret; memerr: - CAPIerr(CAPI_F_CAPI_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); + CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_MALLOC_FAILURE); goto err; } @@ -1367,7 +1383,6 @@ static CAPI_KEY *capi_get_key(CAPI_CTX *ctx, const char *contname, char *provnam { CAPI_KEY *key; key = OPENSSL_malloc(sizeof(CAPI_KEY)); - contname, provname, ptype); CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n", contname, provname, ptype); if (!CryptAcquireContext(&key->hprov, contname, provname, ptype, 0)) @@ -1587,11 +1602,15 @@ static int capi_load_ssl_client_cert(ENGINE *e, SSL *ssl, CAPI_trace(ctx, "Can't Parse Certificate %d\n", i); continue; } - if (cert_issuer_match(ca_dn, x)) + if (cert_issuer_match(ca_dn, x) + && X509_check_purpose(x, X509_PURPOSE_SSL_CLIENT, 0)) { key = capi_get_cert_key(ctx, cert); if (!key) + { + X509_free(x); continue; + } /* Match found: attach extra data to it so * we can retrieve the key later. */ 
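Review bot: The `_WIN32_WINNT` fallback added in the `@@ -62,14 +62,30 @@` hunk sits after an `#include` whose target is not shown on this page. If that header is a Windows SDK header, the macro is defined too late to affect what it declares, and it only takes effect for the includes that follow. Consider moving the `#ifndef _WIN32_WINNT` / `#define _WIN32_WINNT 0x0400` / `#endif` guard above the first system include. A one-line comment such as `/* wincrypt.h declarations used below need at least 0x0400 */` would record why the value was chosen; confirm the wording against the headers actually required.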
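Review bot: In capi_load_ssl_client_cert (hunk `@@ -1587,11 +1602,15 @@`), the result of the added `X509_check_purpose()` call is used as a plain truth value. The function is documented to return a negative value on error, so a certificate whose purpose could not be evaluated would pass this filter and be offered as a client certificate. Compare explicitly: `&& X509_check_purpose(x, X509_PURPOSE_SSL_CLIENT, 0) == 1)`. The branch taken when the condition is false lies outside the hunk, so it cannot be confirmed from here that `x` is released on that path as it now is on the `!key` path.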
@@ -1666,8 +1685,14 @@ static int cert_select_simple(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs) * CryptUIDlgSelectCertificateFromStore() to produce a dialog box. */ -#include -#include +/* Definitions which are in cryptuiapi.h but this is not present in older + * versions of headers. + */ + +#ifndef CRYPTUI_SELECT_LOCATION_COLUMN +#define CRYPTUI_SELECT_LOCATION_COLUMN 0x000000010 +#define CRYPTUI_SELECT_INTENDEDUSE_COLUMN 0x000000004 +#endif #define dlg_title L"OpenSSL Application SSL Client Certificate Selection" #define dlg_prompt L"Select a certificate to use for authentication" @@ -1691,7 +1716,7 @@ static int cert_select_dialog(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs) CERT_STORE_CREATE_NEW_FLAG, NULL); if (!dstore) { - CAPIerr(CAPI_F_CLIENT_CERT_SELECT, CAPI_R_ERROR_CREATING_STORE); + CAPIerr(CAPI_F_CERT_SELECT_DIALOG, CAPI_R_ERROR_CREATING_STORE); capi_addlasterror(); goto err; } @@ -1704,13 +1729,15 @@ static int cert_select_dialog(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs) if (!CertAddCertificateContextToStore(dstore, key->pcert, CERT_STORE_ADD_NEW, NULL)) { - CAPIerr(CAPI_F_CLIENT_CERT_SELECT, CAPI_R_ERROR_ADDING_CERT); + CAPIerr(CAPI_F_CERT_SELECT_DIALOG, CAPI_R_ERROR_ADDING_CERT); capi_addlasterror(); goto err; } } - hwnd = GetActiveWindow(); + hwnd = GetForegroundWindow(); + if (!hwnd) + hwnd = GetActiveWindow(); if (!hwnd && ctx->getconswindow) hwnd = ctx->getconswindow(); /* Call dialog to select one */ @@ -1743,5 +1770,12 @@ static int cert_select_dialog(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs) } #endif +#endif +#else /* !WIN32 */ +#include +#ifndef OPENSSL_NO_DYNAMIC_ENGINE +OPENSSL_EXPORT +int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { return 0; } +IMPLEMENT_DYNAMIC_CHECK_FN() #endif #endif
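Review bot: In the `@@ -1666,8 +1685,14 @@` hunk, both fallback constants are defined under a single guard that tests only `CRYPTUI_SELECT_LOCATION_COLUMN`. A header set that provides one of the two but not the other would either leave `CRYPTUI_SELECT_INTENDEDUSE_COLUMN` undefined or redefine it. Give the second constant its own `#ifndef CRYPTUI_SELECT_INTENDEDUSE_COLUMN` … `#endif` pair, as the `CERT_STORE_*` fallbacks earlier in this commit already do. The literals are also written with nine hex digits (`0x000000010`); `0x00000010` and `0x00000004` would be easier to read and match the style of the other fallback definitions.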
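Review bot: In cert_select_dialog (hunk `@@ -1704,13 +1729,15 @@`), `GetForegroundWindow()` returns whichever window the user is currently working in, which may belong to a different process. The certificate-selection dialog can therefore end up owned by an unrelated application's window, which makes it unclear to the user which program is asking for a client certificate. Accept the foreground window only when it belongs to the current process, and otherwise fall through to the existing `GetActiveWindow()` and `ctx->getconswindow` fallbacks. The function body starts and ends outside the hunk.

```c
	hwnd = GetForegroundWindow();
	if (hwnd)
		{
		DWORD pid = 0;
		/* Only parent the dialog to a window owned by this process */
		GetWindowThreadProcessId(hwnd, &pid);
		if (pid != GetCurrentProcessId())
			hwnd = NULL;
		}
	if (!hwnd)
		hwnd = GetActiveWindow();
	/* … unchanged: ctx->getconswindow fallback and dialog call … */
```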
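Review bot: The stub `bind_engine` added in the `@@ -1743,5 +1770,12 @@` hunk is emitted only in the `#else /* !WIN32 */` branch. As far as the conditionals visible here show, a Windows build with `OPENSSL_NO_CAPIENG` defined still compiles this file to nothing and exports no `bind_engine` at all. If the stub exists so that the dynamic engine object always links and fails to bind cleanly, the same stub is needed for that configuration too. It would also help to add a comment above the stub, for example `/* CAPI is unavailable here: export a bind_engine that always fails so the shared object still builds */`. The bare `#endif` lines should be labelled with the condition they close, as the `#else` already is.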