From e8770373c965dc8becaf24a77f964bb487f1fa35 Mon Sep 17 00:00:00 2001
From: Viktor Szakats <harbour@syenar.net>
Date: Mon, 20 Jul 2009 07:21:48 +0000
Subject: [PATCH] 2009-07-20 09:22 UTC+0200 Viktor Szakats (harbour.01
 syenar.hu)   * contrib/hbssl/sslctx.c   * contrib/hbssl/ssl.c   *
 contrib/hbssl/hbssl.ch   * contrib/hbssl/sslx509.c     + Added X509
 verification result codes.     + Added unused yet X509 object GC functions.  
   ! Casting for C++

---
 harbour/ChangeLog               |  9 +++++++
 harbour/contrib/hbssl/hbssl.ch  | 46 +++++++++++++++++++++++++++++++++
 harbour/contrib/hbssl/ssl.c     |  4 +--
 harbour/contrib/hbssl/sslctx.c  |  6 ++---
 harbour/contrib/hbssl/sslx509.c | 27 +++++++++++++++++++
 5 files changed, 87 insertions(+), 5 deletions(-)

diff --git a/harbour/ChangeLog b/harbour/ChangeLog
index e04a76673f..7dd0c33a20 100644
--- a/harbour/ChangeLog
+++ b/harbour/ChangeLog
@@ -17,6 +17,15 @@
    past entries belonging to author(s): Viktor Szakats.
 */
 
+2009-07-20 09:22 UTC+0200 Viktor Szakats (harbour.01 syenar.hu)
+  * contrib/hbssl/sslctx.c
+  * contrib/hbssl/ssl.c
+  * contrib/hbssl/hbssl.ch
+  * contrib/hbssl/sslx509.c
+    + Added X509 verification result codes.
+    + Added unused yet X509 object GC functions.
+    ! Casting for C++
+
 2009-07-20 09:09 UTC+0200 Viktor Szakats (harbour.01 syenar.hu)
   * contrib/hbssl/ssl.c
   * contrib/hbssl/sslctx.c
diff --git a/harbour/contrib/hbssl/hbssl.ch b/harbour/contrib/hbssl/hbssl.ch
index 43f007fbce..3acd30efe7 100644
--- a/harbour/contrib/hbssl/hbssl.ch
+++ b/harbour/contrib/hbssl/hbssl.ch
@@ -128,4 +128,50 @@
 #define HB_BIO_NOCLOSE                                      0x00
 #define HB_BIO_CLOSE                                        0x01
 
+#define HB_X509_V_OK                                        0
+#define HB_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT             2
+#define HB_X509_V_ERR_UNABLE_TO_GET_CRL                     3
+#define HB_X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE      4
+#define HB_X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE       5
+#define HB_X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY    6
+#define HB_X509_V_ERR_CERT_SIGNATURE_FAILURE                7
+#define HB_X509_V_ERR_CRL_SIGNATURE_FAILURE                 8
+#define HB_X509_V_ERR_CERT_NOT_YET_VALID                    9
+#define HB_X509_V_ERR_CERT_HAS_EXPIRED                      10
+#define HB_X509_V_ERR_CRL_NOT_YET_VALID                     11
+#define HB_X509_V_ERR_CRL_HAS_EXPIRED                       12
+#define HB_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD        13
+#define HB_X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD         14
+#define HB_X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD        15
+#define HB_X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD        16
+#define HB_X509_V_ERR_OUT_OF_MEM                            17
+#define HB_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT           18
+#define HB_X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN             19
+#define HB_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY     20
+#define HB_X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE       21
+#define HB_X509_V_ERR_CERT_CHAIN_TOO_LONG                   22
+#define HB_X509_V_ERR_CERT_REVOKED                          23
+#define HB_X509_V_ERR_INVALID_CA                            24
+#define HB_X509_V_ERR_PATH_LENGTH_EXCEEDED                  25
+#define HB_X509_V_ERR_INVALID_PURPOSE                       26
+#define HB_X509_V_ERR_CERT_UNTRUSTED                        27
+#define HB_X509_V_ERR_CERT_REJECTED                         28
+#define HB_X509_V_ERR_SUBJECT_ISSUER_MISMATCH               29
+#define HB_X509_V_ERR_AKID_SKID_MISMATCH                    30
+#define HB_X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH           31
+#define HB_X509_V_ERR_KEYUSAGE_NO_CERTSIGN                  32
+#define HB_X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER              33
+#define HB_X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION          34
+#define HB_X509_V_ERR_KEYUSAGE_NO_CRL_SIGN                  35
+#define HB_X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION      36
+#define HB_X509_V_ERR_INVALID_NON_CA                        37
+#define HB_X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED            38
+#define HB_X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE         39
+#define HB_X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED        40
+#define HB_X509_V_ERR_INVALID_EXTENSION                     41
+#define HB_X509_V_ERR_INVALID_POLICY_EXTENSION              42
+#define HB_X509_V_ERR_NO_EXPLICIT_POLICY                    43
+#define HB_X509_V_ERR_UNNESTED_RESOURCE                     44
+#define HB_X509_V_ERR_APPLICATION_VERIFICATION              50
+
 #endif /* HBSSL_CH_ */
diff --git a/harbour/contrib/hbssl/ssl.c b/harbour/contrib/hbssl/ssl.c
index a650a82203..f2566f3e99 100644
--- a/harbour/contrib/hbssl/ssl.c
+++ b/harbour/contrib/hbssl/ssl.c
@@ -1207,7 +1207,7 @@ HB_FUNC( SSL_USE_CERTIFICATE )
    if( hb_SSL_is( 1 ) )
    {
       SSL * ssl = hb_SSL_par( 1 );
-      X509 * x509 = hb_parptr( 2 );
+      X509 * x509 = ( X509 * ) hb_parptr( 2 );
 
       if( ssl && x509 )
          hb_retni( SSL_use_certificate( ssl, x509 ) );
@@ -1221,7 +1221,7 @@ HB_FUNC( SSL_ADD_CLIENT_CA )
    if( hb_SSL_is( 1 ) )
    {
       SSL * ssl = hb_SSL_par( 1 );
-      X509 * x509 = hb_parptr( 2 );
+      X509 * x509 = ( X509 * ) hb_parptr( 2 );
 
       if( ssl && x509 )
          hb_retni( SSL_add_client_CA( ssl, x509 ) );
diff --git a/harbour/contrib/hbssl/sslctx.c b/harbour/contrib/hbssl/sslctx.c
index 7b1fae6fce..e3198d7700 100644
--- a/harbour/contrib/hbssl/sslctx.c
+++ b/harbour/contrib/hbssl/sslctx.c
@@ -575,7 +575,7 @@ HB_FUNC( SSL_CTX_USE_CERTIFICATE )
    if( hb_SSL_CTX_is( 1 ) )
    {
       SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
-      X509 * x509 = hb_parptr( 2 );
+      X509 * x509 = ( X509 * ) hb_parptr( 2 );
 
       if( ctx && x509 )
          hb_retni( SSL_CTX_use_certificate( ctx, x509 ) );
@@ -589,7 +589,7 @@ HB_FUNC( SSL_CTX_ADD_CLIENT_CA )
    if( hb_SSL_CTX_is( 1 ) )
    {
       SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
-      X509 * x509 = hb_parptr( 2 );
+      X509 * x509 = ( X509 * ) hb_parptr( 2 );
 
       if( ctx && x509 )
          hb_retni( SSL_CTX_add_client_CA( ctx, x509 ) );
@@ -603,7 +603,7 @@ HB_FUNC( SSL_CTX_ADD_EXTRA_CHAIN_CERT )
    if( hb_SSL_CTX_is( 1 ) )
    {
       SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
-      X509 * x509 = hb_parptr( 2 );
+      X509 * x509 = ( X509 * ) hb_parptr( 2 );
 
       if( ctx && x509 )
          hb_retnl( SSL_CTX_add_extra_chain_cert( ctx, x509 ) );
diff --git a/harbour/contrib/hbssl/sslx509.c b/harbour/contrib/hbssl/sslx509.c
index 1b8e61f1b4..bee4454ec6 100644
--- a/harbour/contrib/hbssl/sslx509.c
+++ b/harbour/contrib/hbssl/sslx509.c
@@ -55,6 +55,33 @@
 
 #include "hbssl.h"
 
+static HB_GARBAGE_FUNC( X509_release )
+{
+   void ** ph = ( void ** ) Cargo;
+
+   /* Check if pointer is not NULL to avoid multiple freeing */
+   if( ph && * ph )
+   {
+      /* Destroy the object */
+      X509_free( ( X509 * ) * ph );
+
+      /* set pointer to NULL just in case */
+      * ph = NULL;
+   }
+}
+
+void * hb_X509_is( int iParam )
+{
+   return hb_parptrGC( X509_release, iParam );
+}
+
+X509 * hb_X509_par( int iParam )
+{
+   void ** ph = ( void ** ) hb_parptrGC( X509_release, iParam );
+
+   return ph ? ( X509 * ) * ph : NULL;
+}
+
 HB_FUNC( X509_GET_SUBJECT_NAME )
 {
    X509 * x509 = ( X509 * ) hb_parptr( 1 );