VLC_ADD_CFLAGS([gnutls], [$GNUTLS_CFLAGS])
AS_IF([test "${SYS}" = "mingw32"], [
dnl pkg-config --libs gnutls omits these
- VLC_ADD_LIBS([gnutls], [-lz ${LTLIBINTL}])
+ VLC_ADD_LIBS([gnutls], [-lz ${LTLIBINTL} -lcrypt32])
])
VLC_ADD_LIBS([gnutls], [${GCRYPT_LIBS}])
VLC_ADD_CFLAGS([gnutls], [${GCRYPT_CFLAGS}])
#endif
#ifdef WIN32
# include <io.h>
+# include <wincrypt.h>
#else
# include <unistd.h>
#endif
gnutls_Addx509File( vlc_object_t *p_this,
gnutls_certificate_credentials_t cred,
const char *psz_path, bool b_priv );
+#ifdef WIN32
+static int gnutls_loadOSCAList(vlc_object_t *p_this,
+ gnutls_certificate_credentials_t cred);
+#endif
static int
gnutls_Addx509Directory( vlc_object_t *p_this,
return VLC_EGENERIC;
}
+#ifdef WIN32
+static int
+gnutls_loadOSCAList( vlc_object_t *p_this,
+ gnutls_certificate_credentials cred)
+{
+ HCERTSTORE hCertStore = CertOpenSystemStoreA((HCRYPTPROV)NULL, "ROOT");
+ if (!hCertStore)
+ {
+ msg_Warn (p_this, "could not open the Cert SystemStore");
+ return VLC_EGENERIC;
+ }
+
+ PCCERT_CONTEXT pCertContext = CertEnumCertificatesInStore(hCertStore, NULL);
+ while( pCertContext )
+ {
+ gnutls_datum data = {
+ .data = pCertContext->pbCertEncoded,
+ .size = pCertContext->cbCertEncoded,
+ };
+
+ if(!gnutls_certificate_set_x509_trust_mem(cred, &data, GNUTLS_X509_FMT_DER))
+ {
+ msg_Warn (p_this, "cannot add x509 credential");
+ return VLC_EGENERIC;
+ }
+
+ pCertContext = CertEnumCertificatesInStore(hCertStore, pCertContext);
+ }
+ return VLC_SUCCESS;
+}
+#endif
/** TLS client session data */
typedef struct tls_client_sys_t
char path[strlen (confdir)
+ sizeof ("/ssl/certs/ca-certificates.crt")];
sprintf (path, "%s/ssl/certs/ca-certificates.crt", confdir);
+#ifdef WIN32
+ gnutls_loadOSCAList (VLC_OBJECT (p_session),
+ p_sys->x509_cred);
+#else
gnutls_Addx509File (VLC_OBJECT (p_session),
p_sys->x509_cred, path, false);
+#endif
}
p_session->pf_handshake = gnutls_HandshakeAndValidate;
/*p_session->pf_handshake = gnutls_ContinueHandshake;*/