luo980/hiredis
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge 69d24d042d into 77bcc73ebb

Browse Source
This commit is contained in:
masariello 2025-02-12 14:18:54 +00:00 committed by GitHub
commit 6086ab418f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 24 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ssl.c
View File

@ -288,13 +288,17 @@ redisSSLContext *redisCreateSSLContextWithOptions(redisSSLOptions *options, redi
if (capath || cacert_filename) { if (capath || cacert_filename) {
#ifdef _WIN32 #ifdef _WIN32
if (0 == strcmp(cacert_filename, "wincert")) { if (0 == strcmp(cacert_filename, "wincert")) {
win_store = CertOpenSystemStore(NULL, "Root"); char const* const subsystems[2] = { "Root", "CA" };
for (int i=0; i<2; ++i)
{
char const * const subsys = subsystems[i];
win_store = CertOpenSystemStore(0, subsys);
if (!win_store) { if (!win_store) {
if (error) *error = REDIS_SSL_CTX_OS_CERTSTORE_OPEN_FAILED; if (error) *error = REDIS_SSL_CTX_OS_CERTSTORE_OPEN_FAILED;
goto error; goto error;
} }
X509_STORE* store = SSL_CTX_get_cert_store(ctx->ssl_ctx); X509_STORE* store = SSL_CTX_get_cert_store(ctx->ssl_ctx);
while (win_ctx = CertEnumCertificatesInStore(win_store, win_ctx)) { while (0 != (win_ctx = CertEnumCertificatesInStore(win_store, win_ctx))) {
X509* x509 = NULL; X509* x509 = NULL;
x509 = d2i_X509(NULL, (const unsigned char**)&win_ctx->pbCertEncoded, win_ctx->cbCertEncoded); x509 = d2i_X509(NULL, (const unsigned char**)&win_ctx->pbCertEncoded, win_ctx->cbCertEncoded);
if (x509) { if (x509) {
@ -309,6 +313,7 @@ redisSSLContext *redisCreateSSLContextWithOptions(redisSSLOptions *options, redi
} }
CertFreeCertificateContext(win_ctx); CertFreeCertificateContext(win_ctx);
CertCloseStore(win_store, 0); CertCloseStore(win_store, 0);
}
} else } else
#endif #endif
if (!SSL_CTX_load_verify_locations(ctx->ssl_ctx, cacert_filename, capath)) { if (!SSL_CTX_load_verify_locations(ctx->ssl_ctx, cacert_filename, capath)) {