On 2005-01-16 03:12, James Yonan wrote:
> Looks like CERT_SYSTEM_STORE_USERS is undefined in the MinGW environment.
>
> gcc -g -O2 -Wall -Wno-unused-function -Wno-unused-variable -mno-cygwin
> -I/c/src/
> openssl-0.9.7e/include -I/c/src/lzo-1.08/include -c cryptoapi.c -o cryptoapi.o
> cryptoapi.c: In function `SSL_CTX_use_CryptoAPI_certificate':
> cryptoapi.c:366: `CERT_SYSTEM_STORE_USERS' undeclared (first use in this
> function)
> cryptoapi.c:366: (Each undeclared identifier is reported only once
> cryptoapi.c:366: for each function it appears in.)
> make: *** [cryptoapi.o] Error 1
>
> James
Maybe this is better?
--- cryptoapi-2.0_rc7.c 2004-12-02 00:16:36.000000000 +0100
+++ cryptoapi.c 2005-01-16 10:24:03.942438400 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2004 Peter 'Luna' Runestig <pe...@runestig.com>
+ * Copyright (c) 2004, 05 Peter 'Luna' Runestig <pe...@runestig.com>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without modifi-
@@ -41,7 +41,9 @@
#define CALG_SSL3_SHAMD5 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SSL3SHAMD5)
#define CERT_SYSTEM_STORE_LOCATION_SHIFT 16
#define CERT_SYSTEM_STORE_CURRENT_USER_ID 1
+#define CERT_SYSTEM_STORE_USERS_ID 6
#define CERT_SYSTEM_STORE_CURRENT_USER (CERT_SYSTEM_STORE_CURRENT_USER_ID <<
CERT_SYSTEM_STORE_LOCATION_SHIFT)
+#define CERT_SYSTEM_STORE_USERS (CERT_SYSTEM_STORE_USERS_ID <<
CERT_SYSTEM_STORE_LOCATION_SHIFT)
#define CERT_STORE_READONLY_FLAG 0x00008000
#define CERT_STORE_OPEN_EXISTING_FLAG 0x00004000
#define CRYPT_ACQUIRE_COMPARE_KEY_FLAG 0x00000004
@@ -339,7 +341,8 @@
SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_MALLOC_FAILURE);
goto err;
}
- /* search CURRENT_USER first, then LOCAL_MACHINE */
+ /* search for the wanted certificate in different parts of the system
store:
+ * search HKEY_CURRENT_USER first... */
cs = CertOpenStore((LPCSTR) CERT_STORE_PROV_SYSTEM, 0, 0,
CERT_SYSTEM_STORE_CURRENT_USER |
CERT_STORE_OPEN_EXISTING_FLAG |
CERT_STORE_READONLY_FLAG, L"MY");
if (cs == NULL) {
@@ -349,6 +352,7 @@
cd->cert_context = find_certificate_in_store(cert_prop, cs);
CertCloseStore(cs, 0);
if (!cd->cert_context) {
+ /* ...then HKEY_LOCAL_MACHINE... */
cs = CertOpenStore((LPCSTR) CERT_STORE_PROV_SYSTEM, 0, 0,
CERT_SYSTEM_STORE_LOCAL_MACHINE |
CERT_STORE_OPEN_EXISTING_FLAG |
CERT_STORE_READONLY_FLAG, L"MY");
if (cs == NULL) {
@@ -357,6 +361,18 @@
}
cd->cert_context = find_certificate_in_store(cert_prop, cs);
CertCloseStore(cs, 0);
+ }
+ if (!cd->cert_context) {
+ /* ...then HKEY_USERS... */
+ /* TODO: Maybe only try this if we're running as SYSTEM? */
+ cs = CertOpenStore((LPCSTR) CERT_STORE_PROV_SYSTEM, 0, 0,
CERT_SYSTEM_STORE_USERS |
+ CERT_STORE_OPEN_EXISTING_FLAG |
CERT_STORE_READONLY_FLAG, L"MY");
+ if (cs == NULL) {
+ CRYPTOAPIerr(CRYPTOAPI_F_CERT_OPEN_SYSTEM_STORE);
+ goto err;
+ }
+ cd->cert_context = find_certificate_in_store(cert_prop, cs);
+ CertCloseStore(cs, 0);
if (cd->cert_context == NULL) {
CRYPTOAPIerr(CRYPTOAPI_F_CERT_FIND_CERTIFICATE_IN_STORE);
goto err;
--
Peter 'Luna' Runestig (fd. Altberg), Sweden <pe...@runestig.com>
PGP Key ID: 0xD07BBE13
Fingerprint: 7B5C 1F48 2997 C061 DE4B 42EA CB99 A35C D07B BE13
AOL Instant Messenger Screen name: PRunestig
Yahoo! Messenger profile name: altberg
