From 9ab52fe70006748f23663f30ef7f6ccbdef6165a Mon Sep 17 00:00:00 2001 From: Mark Kelly Date: Fri, 1 Sep 2023 08:46:59 -0400 Subject: [PATCH] HPCC-27255 TLS cert/key as buffers 3 Signed-off-by: Mark Kelly --- esp/bindings/SOAP/Platform/soapbind.cpp | 2 +- system/security/securesocket/securesocket.cpp | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/esp/bindings/SOAP/Platform/soapbind.cpp b/esp/bindings/SOAP/Platform/soapbind.cpp index 2e6280024d2..f74be227efd 100644 --- a/esp/bindings/SOAP/Platform/soapbind.cpp +++ b/esp/bindings/SOAP/Platform/soapbind.cpp @@ -286,7 +286,7 @@ static IPropertyTree *createSecClientConfigBuf(const char *clientCertBuf, const if (!isEmptyString(caCertsBuf)) { IPropertyTree *ca = ensurePTree(verify, "ca_certificates"); - ca->setProp("@pem", caCertsBuf); + ca->setProp("pem", caCertsBuf); } verify->setPropBool("@enable", true); verify->setPropBool("@accept_selfsigned", acceptSelfSigned); diff --git a/system/security/securesocket/securesocket.cpp b/system/security/securesocket/securesocket.cpp index 4d9130df9d5..f1b3e87b762 100644 --- a/system/security/securesocket/securesocket.cpp +++ b/system/security/securesocket/securesocket.cpp @@ -1286,6 +1286,8 @@ static bool isPEMBuffer(const char *certBuf) // -----BEGIN PRIVATE KEY----- // -----BEGIN RSA PRIVATE KEY----- // -----BEGIN CERTIFICATE----- + // or maybe just: + // -----BEGIN if ( (strstr(certBuf, "-----BEGIN PRIVATE KEY-----")) || (strstr(certBuf, "-----BEGIN RSA PRIVATE KEY-----")) || @@ -1528,7 +1530,7 @@ class CSecureSocketContext : implements ISecureSocketContext, public CInterface if(m_verify) { - const char *cacertbuf = config->queryProp("verify/ca_certificates/@pem"); + const char *cacertbuf = config->queryProp("verify/ca_certificates/pem"); if (cacertbuf && *cacertbuf) { // can have multiple certs in buffer