* @return a pointer to the loaded key on success; NULL upon failure.
*/
static Ssl_private_key_t *
-ssl_load_pkcs12(FILE* fp, const gchar *cert_passwd, const char** err) {
+ssl_load_pkcs12(FILE* fp, const gchar *cert_passwd, char** err) {
int i, j, ret;
int rest;
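Review bot: The ownership change in the new `char** err` signature is not documented in the visible part of the doc comment, which shows only the `@return` line. With this commit every message stored in `*err` is heap-allocated, so a caller that forgets to free it leaks, and one that frees a stale value corrupts the heap. The comment starts outside this hunk; if it has an `@param err` line it should read along the lines of `@param err when set, a newly allocated error message that the caller must release with g_free(); NULL otherwise`.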
data.size -= rest;
ssl_debug_printf("%d bytes read\n", data.size);
if (!feof(fp)) {
- *err = "Error during certificate reading.";
+ *err = g_strdup("Error during certificate reading.");
ssl_debug_printf("%s\n", *err);
g_free(private_key);
g_free(data.data);
ret = gnutls_pkcs12_init(&ssl_p12);
if (ret < 0) {
- *err = se_strdup_printf("gnutls_pkcs12_init(&st_p12) - %s", gnutls_strerror(ret));
+ *err = g_strdup_printf("gnutls_pkcs12_init(&st_p12) - %s", gnutls_strerror(ret));
ssl_debug_printf("%s\n", *err);
g_free(private_key);
g_free(data.data);
/* load PKCS#12 in DER or PEM format */
ret = gnutls_pkcs12_import(ssl_p12, &data, GNUTLS_X509_FMT_DER, 0);
if (ret < 0) {
- *err = se_strdup_printf("could not load PKCS#12 in DER format: %s", gnutls_strerror(ret));
+ *err = g_strdup_printf("could not load PKCS#12 in DER format: %s", gnutls_strerror(ret));
ssl_debug_printf("%s\n", *err);
+ g_free(*err);
ret = gnutls_pkcs12_import(ssl_p12, &data, GNUTLS_X509_FMT_PEM, 0);
if (ret < 0) {
- *err = se_strdup_printf("could not load PKCS#12 in PEM format: %s", gnutls_strerror(ret));
+ *err = g_strdup_printf("could not load PKCS#12 in PEM format: %s", gnutls_strerror(ret));
ssl_debug_printf("%s\n", *err);
} else {
*err = NULL;
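Review bot: After the added `g_free(*err);` the caller's pointer is left dangling until one of the two PEM branches overwrites it. That is correct today only because both branches assign `*err`, and a later early return or `goto` added between those lines would hand a freed pointer back to the caller. The DER message is only ever logged, so it does not need to pass through `*err` at all: `ssl_debug_printf("could not load PKCS#12 in DER format: %s\n", gnutls_strerror(ret));` avoids both the allocation and the window. The enclosing `if` closes outside this hunk.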
ret = gnutls_x509_crt_init(&ssl_cert);
if (ret < 0) {
- *err = se_strdup_printf("gnutls_x509_crt_init(&ssl_cert) - %s", gnutls_strerror(ret));
+ *err = g_strdup_printf("gnutls_x509_crt_init(&ssl_cert) - %s", gnutls_strerror(ret));
ssl_debug_printf("%s\n", *err);
g_free(private_key);
return 0;
ret = gnutls_x509_crt_import(ssl_cert, &data, GNUTLS_X509_FMT_DER);
if (ret < 0) {
- *err = se_strdup_printf("gnutls_x509_crt_import(ssl_cert, &data, GNUTLS_X509_FMT_DER) - %s", gnutls_strerror(ret));
+ *err = g_strdup_printf("gnutls_x509_crt_import(ssl_cert, &data, GNUTLS_X509_FMT_DER) - %s", gnutls_strerror(ret));
ssl_debug_printf("%s\n", *err);
g_free(private_key);
return 0;
ret = gnutls_x509_privkey_init(&ssl_pkey);
if (ret < 0) {
- *err = se_strdup_printf("gnutls_x509_privkey_init(&ssl_pkey) - %s", gnutls_strerror(ret));
+ *err = g_strdup_printf("gnutls_x509_privkey_init(&ssl_pkey) - %s", gnutls_strerror(ret));
ssl_debug_printf("%s\n", *err);
g_free(private_key);
return 0;
ret = gnutls_x509_privkey_import_pkcs8(ssl_pkey, &data, GNUTLS_X509_FMT_DER, cert_passwd,
(bag_type==GNUTLS_BAG_PKCS8_KEY) ? GNUTLS_PKCS_PLAIN : 0);
if (ret < 0) {
- *err = se_strdup_printf("Can not decrypt private key - %s", gnutls_strerror(ret));
+ *err = g_strdup_printf("Can not decrypt private key - %s", gnutls_strerror(ret));
ssl_debug_printf("%s\n", *err);
g_free(private_key);
return 0;
}
if (gnutls_x509_privkey_get_pk_algorithm(ssl_pkey) != GNUTLS_PK_RSA) {
- *err = "ssl_load_pkcs12: private key public key algorithm isn't RSA";
+ *err = g_strdup("ssl_load_pkcs12: private key public key algorithm isn't RSA");
ssl_debug_printf("%s\n", *err);
g_free(private_key);
return 0;
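Review bot: Both failure paths in this hunk free `private_key` and return without releasing `ssl_pkey`. On the non-RSA path that object already holds the successfully imported, decrypted private key, so the key material is leaked and stays in process memory. Adding `gnutls_x509_privkey_deinit(ssl_pkey);` before `g_free(private_key);` on both paths would close that. The `sexp_pkey` failure path in the following hunk has the same gap. These returns also use `return 0;` where that later path uses `return NULL;`, which is clearer for a function returning a pointer; the function body continues outside this hunk.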
private_key->x509_pkey = ssl_pkey;
private_key->sexp_pkey = ssl_privkey_to_sexp(ssl_pkey);
if ( !private_key->sexp_pkey ) {
- *err = "ssl_load_pkcs12: could not create sexp_pkey";
+ *err = g_strdup("ssl_load_pkcs12: could not create sexp_pkey");
ssl_debug_printf("%s\n", *err);
g_free(private_key);
return NULL;
}
Ssl_private_key_t *
-ssl_load_pkcs12(FILE* fp, const gchar *cert_passwd _U_, const char** err) {
+ssl_load_pkcs12(FILE* fp, const gchar *cert_passwd _U_, char** err) {
*err = NULL;
ssl_debug_printf("ssl_load_pkcs12: impossible without gnutls. fp %p\n",fp);
return NULL;
if ((gint)strlen(uats->password) == 0) {
private_key = ssl_load_key(fp);
} else {
- const char *err = NULL;
+ char *err = NULL;
private_key = ssl_load_pkcs12(fp, uats->password, &err);
if (err) {
fprintf(stderr, "%s\n", err);
+ g_free(err);
}
}
if (p && (strlen(p) > 0u)) {
fp = ws_fopen(f->keyfile, "rb");
if (fp) {
- const char *msg = NULL;
+ char *msg = NULL;
if (!ssl_load_pkcs12(fp, p, &msg)) {
fclose(fp);
*err = ep_strdup_printf("Could not load PKCS#12 key file: %s", msg);
+ g_free(msg);
return FALSE;
}
+ g_free(msg);
fclose(fp);
} else {
*err = ep_strdup_printf("Leave this field blank if the keyfile is not PKCS#12.");
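Review bot: `msg` can still be NULL when `ssl_load_pkcs12()` fails, so the `%s` in `ep_strdup_printf("Could not load PKCS#12 key file: %s", msg)` may receive a null pointer. The non-GnuTLS stub shown earlier sets `*err = NULL` and returns NULL, which is exactly this case. Passing `msg ? msg : "unknown error"` keeps the message well-defined. Separately, on success the key returned by `ssl_load_pkcs12(fp, p, &msg)` is discarded here, so each successful validation appears to leak a structure holding private key material. Keeping the result in a local and releasing it before `fclose(fp)` would avoid that.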