#include "EXTERN.h"
#include "perl.h"
#include "XSUB.h"
#include "ppport.h"
#include <openssl/ssl.h>
#include <openssl/bio.h>
MODULE = POE::Filter::SSL PACKAGE = POE::Filter::SSL
ASN1_INTEGER *
X509_get_serialNumber(cert)
X509 * cert
CODE:
RETVAL = X509_get_serialNumber(cert);
ST(0) = sv_newmortal(); /* Undefined to start with */
sv_setpvn( ST(0), RETVAL->data, RETVAL->length);
ASN1_INTEGER *
verify_serial_against_crl_file(crlfile, serial)
CODE:
X509_CRL *crl=NULL;
X509_REVOKED *revoked;
BIO *in=NULL;
int n,i,retval = 0;
STRLEN len, lenser;
unsigned char* crlfile = SvPV( ST(0), len);
unsigned char* serial = SvPV( ST(1), lenser);
ST(0) = sv_newmortal(); /* Undefined to start with */
/* check peer cert against CRL */
if (len <= 0) {
sv_setpvn(ST(0), "CRL: No file name given!", 24);
goto end;
}
in=BIO_new(BIO_s_file());
if (in == NULL) {
sv_setpvn(ST(0), "CRL: BIO err", 12);
goto end;
}
if (BIO_read_filename(in, crlfile) <= 0) {
sv_setpvn(ST(0), "CRL: cannot read CRL File", 25);
goto end;
}
crl=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
if (crl == NULL) {
sv_setpvn(ST(0), "CRL: cannot read from CRL File", 30);
goto end;
}
n = sk_num(X509_CRL_get_REVOKED(crl));
if (n > 0) {
for (i = 0; i < n; i++) {
revoked = (X509_REVOKED *)sk_value(X509_CRL_get_REVOKED(crl), i);
if ( (revoked->serialNumber->length > 0) &&
(revoked->serialNumber->length == lenser) &&
(strncmp(revoked->serialNumber->data, serial, lenser) == 0)) {
sv_setpvn( ST(0), revoked->serialNumber->data, revoked->serialNumber->length);
goto end;
}
}
sv_setpvn(ST(0), "0", 1);
} else {
sv_setpvn(ST(0), "CRL: Empty File", 15);
}
end:
BIO_free(in);
if (crl) X509_CRL_free (crl);