628 |
uint32 certcount; |
uint32 certcount; |
629 |
|
|
630 |
DEBUG_RDP5(("We're going for the RDP5-style encryption\n")); |
DEBUG_RDP5(("We're going for the RDP5-style encryption\n")); |
631 |
in_uint32_le(s, certcount); /* Number of certificates */ |
in_uint32_le(s, certcount); /* Number of certificates */ |
632 |
|
|
633 |
if(certcount < 2) |
if (certcount < 2) |
634 |
{ |
{ |
635 |
error("Server didn't send enough X509 certificates\n"); |
error("Server didn't send enough X509 certificates\n"); |
636 |
return False; |
return False; |
637 |
} |
} |
638 |
|
|
639 |
for(; certcount > 2; certcount--) |
for (; certcount > 2; certcount--) |
640 |
{ /* ignore all the certificates between the root and the signing CA */ |
{ /* ignore all the certificates between the root and the signing CA */ |
641 |
uint32 ignorelen; |
uint32 ignorelen; |
642 |
X509 *ignorecert; |
X509 *ignorecert; |
643 |
|
|
647 |
DEBUG_RDP5(("Ignored Certificate length is %d\n", ignorelen)); |
DEBUG_RDP5(("Ignored Certificate length is %d\n", ignorelen)); |
648 |
ignorecert = d2i_X509(NULL, &(s->p), ignorelen); |
ignorecert = d2i_X509(NULL, &(s->p), ignorelen); |
649 |
|
|
650 |
if(ignorecert == NULL) |
if (ignorecert == NULL) |
651 |
{ /* XXX: error out? */ |
{ /* XXX: error out? */ |
652 |
DEBUG_RDP5(("got a bad cert: this will probably screw up the rest of the communication\n")); |
DEBUG_RDP5(("got a bad cert: this will probably screw up the rest of the communication\n")); |
653 |
} |
} |
654 |
|
|
655 |
#ifdef WITH_DEBUG_RDP5 |
#ifdef WITH_DEBUG_RDP5 |
656 |
DEBUG_RDP5(("cert #%d (ignored):\n",certcount)); |
DEBUG_RDP5(("cert #%d (ignored):\n", certcount)); |
657 |
X509_print_fp(stdout, ignorecert); |
X509_print_fp(stdout, ignorecert); |
658 |
#endif |
#endif |
659 |
} |
} |