Do not use OpenSSL functions that operates with FILE to avoid potential CRT
versions mismatch. Use BIO based functions instead.
* test/MockHTTPinC/MockHTTP_server.c
(initSSLCtx): Use PEM_read_bio_X509() instead of PEM_read_X509() to read
certificates.
* test/test_ssl.c
(verify_ocsp_response): Use PEM_read_bio_PrivateKey() instead of
PEM_read_PrivateKey().
git-svn-id: https://svn.apache.org/repos/asf/serf/trunk@1909252 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/test/MockHTTPinC/MockHTTP_server.c b/test/MockHTTPinC/MockHTTP_server.c
index 43f52bd..ce10927 100644
--- a/test/MockHTTPinC/MockHTTP_server.c
+++ b/test/MockHTTPinC/MockHTTP_server.c
@@ -2748,12 +2748,12 @@
store = SSL_CTX_get_cert_store(ssl_ctx->ctx);
for (i = 1; i < cctx->certFiles->nelts; i++) {
- FILE *fp;
+ BIO *bio;
certfile = APR_ARRAY_IDX(cctx->certFiles, i, const char *);
- fp = fopen(certfile, "r");
- if (fp) {
- X509 *ssl_cert = PEM_read_X509(fp, NULL, NULL, NULL);
- fclose(fp);
+ bio = BIO_new_file(certfile, "r");
+ if (bio) {
+ X509 *ssl_cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
+ BIO_free(bio);
X509_STORE_add_cert(store, ssl_cert);
SSL_CTX_add_extra_chain_cert(ssl_ctx->ctx, ssl_cert);
diff --git a/test/test_ssl.c b/test/test_ssl.c
index 4b7c0b0..8dc04c9 100644
--- a/test/test_ssl.c
+++ b/test/test_ssl.c
@@ -2571,10 +2571,10 @@
? get_srcdir_file(tb->pool, "test/certs/private/serfrootcakey.pem")
: get_srcdir_file(tb->pool, "test/certs/private/serfserverkey.pem"));
- FILE * pkey_file = fopen(fname, "rb");
- if (pkey_file) {
- pkey = PEM_read_PrivateKey(pkey_file, NULL, pkey_password_cb, NULL);
- fclose(pkey_file);
+ BIO * pkey_bio = BIO_new_file(fname, "rb");
+ if (pkey_bio) {
+ pkey = PEM_read_bio_PrivateKey(pkey_bio, NULL, pkey_password_cb, NULL);
+ BIO_free(pkey_bio);
}
if (!pkey)
return APR_EGENERAL;