Paste: SSL cert loading on Windows (not quite right)

Author: erg
Mode: factor
Date: Sun, 13 Mar 2016 09:41:44
USING: accessors alien destructors io.ports io.sockets.private
io.sockets.secure io.sockets.secure.openssl io.sockets.windows
kernel locals math openssl openssl.libcrypto openssl.libssl
system windows.crypt32 windows.errors windows.winsock ;
IN: io.sockets.secure.windows

M: openssl ssl-supported? t ;
M: openssl ssl-certificate-verification-supported? t ;

: close-windows-cert-store ( HCERTSTORE -- )
    0 CertCloseStore win32-error=0/f ;

: load-windows-cert-store ( string -- HCERTSTORE )
    [ f ] dip CertOpenSystemStore
    [ win32-error-string throw ] when-zero ;

:: set-windows-certs ( -- )
    [
        "ROOT" load-windows-cert-store :> cs
        f :> ctx!
        [
            cs ctx CertEnumCertificatesInStore ctx!
            ctx . flush
        ] [ ctx ] do while
        f ctx [ pbCertEncoded>> ] [ cbCertEncoded>> ] bi d2i_X509 ssl-error

        ! SSL_CTX_use_certificate, X509_STORE_add_cert
    ] with-destructors ;


M: windows socket-handle handle>> alien-address ;

M: secure ((client)) ( addrspec -- handle )
    [ addrspec>> ((client)) ] [ hostname>> ] bi <ssl-socket> ;

M: secure (get-local-address) ( handle remote -- sockaddr )
    [ file>> ] [ addrspec>> ] bi* (get-local-address) ;

M: secure parse-sockaddr addrspec>> parse-sockaddr f <secure> ;

M:: secure establish-connection ( client-out addrspec -- )
    client-out handle>> file>> :> socket
    socket FIONBIO 1 set-ioctl-socket
    socket <output-port> addrspec addrspec>> establish-connection
    client-out addrspec secure-connection
    socket FIONBIO 0 set-ioctl-socket ;

M: windows non-ssl-socket? win32-socket? ;

Annotation: fix do while loop, still broken

Author: erg
Mode: factor
Date: Sun, 13 Mar 2016 09:58:40
USING: accessors alien destructors io.ports io.sockets.private
io.sockets.secure io.sockets.secure.openssl io.sockets.windows
kernel locals math openssl openssl.libcrypto openssl.libssl
system windows.crypt32 windows.errors windows.winsock ;
IN: io.sockets.secure.windows

M: openssl ssl-supported? t ;
M: openssl ssl-certificate-verification-supported? t ;

: close-windows-cert-store ( HCERTSTORE -- )
    0 CertCloseStore win32-error=0/f ;

: load-windows-cert-store ( string -- HCERTSTORE )
    [ f ] dip CertOpenSystemStore
    [ win32-error-string throw ] when-zero ;

:: set-windows-certs ( -- )
    [
        "ROOT" load-windows-cert-store :> cs
        f :> ctx!
        [ ctx ]
        [
B
            cs ctx CertEnumCertificatesInStore ctx!
            ctx . flush

            B f ctx [ pbCertEncoded>> ] [ cbCertEncoded>> ] bi d2i_X509 ssl-error
        ] do while
        ! SSL_CTX_use_certificate, X509_STORE_add_cert
    ] with-destructors ;


M: windows socket-handle handle>> alien-address ;

M: secure ((client)) ( addrspec -- handle )
    [ addrspec>> ((client)) ] [ hostname>> ] bi <ssl-socket> ;

M: secure (get-local-address) ( handle remote -- sockaddr )
    [ file>> ] [ addrspec>> ] bi* (get-local-address) ;

M: secure parse-sockaddr addrspec>> parse-sockaddr f <secure> ;

M:: secure establish-connection ( client-out addrspec -- )
    client-out handle>> file>> :> socket
    socket FIONBIO 1 set-ioctl-socket
    socket <output-port> addrspec addrspec>> establish-connection
    client-out addrspec secure-connection
    socket FIONBIO 0 set-ioctl-socket ;

M: windows non-ssl-socket? win32-socket? ;

Annotation: links

Author: erg
Mode: factor
Date: Sun, 13 Mar 2016 10:09:31
http://stackoverflow.com/questions/26893521/ca-certificate-directory-on-windows

http://ftp.netbsd.org/pub/NetBSD/NetBSD-current/src/external/bsd/wpa/dist/src/crypto/tls_openssl.c

http://stackoverflow.com/questions/27026566/api-openssl-wincrypt-unable-to-get-local-issuer-certificate-certificate-n
