From 764e695fe1189659db90d17ec0c075cd2220ec45 Mon Sep 17 00:00:00 2001 From: hniksic Date: Mon, 9 May 2005 10:21:10 -0700 Subject: [PATCH] [svn] Simplify cert. verification. Allow SSL_write to perform partial writes. --- src/ChangeLog | 7 +++++++ src/openssl.c | 41 ++++++++++++++++++++--------------------- 2 files changed, 27 insertions(+), 21 deletions(-) diff --git a/src/ChangeLog b/src/ChangeLog index cd462989..bd1edd90 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,10 @@ +2005-05-09 Hrvoje Niksic + + * openssl.c (verify_cert_callback): Renamed from verify_callback. + Always return the received "ok" value. Print the X509 name in + debug mode. + (ssl_init): Enable partial writes in SSL context. + 2005-05-08 Hrvoje Niksic * http.c (http_loop): Check for wildcards in the URL path diff --git a/src/openssl.c b/src/openssl.c index 91552dee..4486a16d 100644 --- a/src/openssl.c +++ b/src/openssl.c 
@@ -132,30 +132,22 @@ init_prng (void) #endif } -/* #### Someone should audit and document this. */ +/* This function is called for additional (app-specific) verification + of the server certificate. We basically confirm the validity as + determined by OpenSSL. + + #### Someone should audit this for correctness and document it + better. */ static int -verify_callback (int ok, X509_STORE_CTX *ctx) +verify_cert_callback (int ok, X509_STORE_CTX *ctx) { char buf[256]; - /* #### Why are we not using the result of this call? */ - X509_NAME_oneline (X509_get_subject_name (ctx->current_cert), - buf, sizeof (buf)); - if (ok == 0) - { - switch (ctx->error) - { - case X509_V_ERR_CERT_NOT_YET_VALID: - case X509_V_ERR_CERT_HAS_EXPIRED: - /* This mean the CERT is not valid !!! */ - ok = 0; - break; - case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: - /* Unsure if we should handle that this way */ - ok = 1; - break; - } - } + X509 *cert = X509_STORE_CTX_get_current_cert (ctx); + X509_NAME_oneline (X509_get_subject_name (cert), buf, sizeof (buf)); + /* #### Why are we not using the result of the above call? Are we + supposed to print it? */ + DEBUGP (("verify_cert_callback: %s\n", buf)); return ok; } @@ -241,9 +233,12 @@ ssl_init () SSL_CTX_set_default_verify_paths (ssl_ctx); SSL_CTX_load_verify_locations (ssl_ctx, opt.ca_cert, opt.ca_directory); + + /* Specify whether the connect should fail if the verification of + the peer fails or if it should go ahead. */ SSL_CTX_set_verify (ssl_ctx, opt.check_cert ? SSL_VERIFY_PEER : SSL_VERIFY_NONE, - verify_callback); + verify_cert_callback); if (opt.cert_file) if (SSL_CTX_use_certificate_file (ssl_ctx, opt.cert_file, @@ -256,6 +251,10 @@ ssl_init () != 1) goto error; + /* Since fd_write unconditionally assumes partial writes (and + handles them correctly), allow them in OpenSSL. */ + SSL_CTX_set_mode (ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE); + return 1; error: -- 2.39.2
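Review bot: In verify_cert_callback, `buf` is handed to DEBUGP without checking that `X509_STORE_CTX_get_current_cert (ctx)` returned a certificate or that `X509_NAME_oneline` succeeded, so a missing current certificate may be dereferenced and a failed call would log an uninitialized buffer. Guarding the print with `if (cert && X509_NAME_oneline (X509_get_subject_name (cert), buf, sizeof (buf)))` would also settle the `####` question left in the comment. Since the callback no longer inspects the error code itself, a rejected chain leaves no record of why. When `ok` is 0 it would help to log `X509_verify_cert_error_string (X509_STORE_CTX_get_error (ctx))` together with `X509_STORE_CTX_get_error_depth (ctx)`.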
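Review bot: The comment added above `SSL_CTX_set_verify` should also say what `SSL_VERIFY_PEER` does not cover. With a callback that only returns `ok`, the handshake checks that the chain leads to a trusted CA, not that the certificate was issued for the host being contacted. No host-name comparison is visible in this diff, so it is worth confirming that one happens elsewhere after the handshake; otherwise a valid certificate for a different host would pass. Suggested wording: `/* SSL_VERIFY_PEER aborts the handshake if chain validation fails; matching the certificate against the host name is a separate check. */`. ssl_init begins and ends outside the hunk, so the rest of its setup is not covered here.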