vpn-manager: Accept PEM files
Try to open CA certificate files as PEM when trying to retrieve
subject information from certificates.
BUG=chromium:249363
TEST=Unit tests.
Change-Id: I41cb60ddcbb4e6a0e2eb1a4120a58d1f8955c344
Reviewed-on: https://gerrit.chromium.org/gerrit/60542
Reviewed-by: Christopher Wiley <wiley@chromium.org>
Reviewed-by: Darin Petkov <petkov@chromium.org>
Commit-Queue: Paul Stewart <pstew@chromium.org>
Tested-by: Paul Stewart <pstew@chromium.org>
diff --git a/ipsec_manager.cc b/ipsec_manager.cc
index 3ba2fe7..a2c5283 100644
--- a/ipsec_manager.cc
+++ b/ipsec_manager.cc
@@ -20,6 +20,7 @@
#include "base/string_util.h"
#include "chromeos/process.h"
#include "gflags/gflags.h"
+#include "openssl/pem.h"
#include "openssl/x509.h"
#include "vpn-manager/daemon.h"
@@ -184,6 +185,10 @@
return false;
}
X509* cert = d2i_X509_fp(fp, NULL);
+ if (cert == NULL) {
+ fseek(fp, 0, SEEK_SET);
+ cert = PEM_read_X509(fp, NULL, NULL, NULL);
+ }
fclose(fp);
if (!cert) {
LOG(ERROR) << "Error parsing certificate";