Indy can't load Root Certificate File in 10.3.3

Hello

I'm having a strange issue with Indy and Open SSL in my HTTP Server

I believe it must be something related to 10.3.3 because I never had this issue before

Indy can't load the root certificate file for an HTTP Server when I activate the server, somehow the filename passed to the crypto library is passed with junk data

As you can see, the library is passing junk data, probably in string conversion..

I poked into the indy source code and I find something funny in method by_Indy_unicode_file_ctrl

Specifically here:

X509_FILETYPE_PEM:
begin
// Note that typecasting an AnsiChar as a WideChar is normally a crazy
// thing to do. The thing is that the OpenSSL API is based on ASCII or
// UTF8, not Unicode and we are writing this just for Unicode filenames.
LFileName := PWideChar(argc);
LOk := Ord(Indy_unicode_X509_load_cert_crl_file(ctx, LFileName,
X509_FILETYPE_PEM) <> 0);

The thing is, LFileName is an unicode string (UTF-16 defined as String) while argc is PAnsiChar and is pointing to an UTF8 buffer defined in IndyX509_STORE_load_locations when calling:

if (X509_LOOKUP_load_file(lookup,
{$IFDEF USE_MARSHALLED_PTRS}
M.AsUtf8(AFileName).ToPointer,
{$ELSE}
PAnsiChar(UTF8String(AFileName)),
{$ENDIF}
X509_FILETYPE_PEM) <> 1) then begin
Exit;

See, it converts AFileName to UTF8String and then passes it as PAnsiChar to the routine, that is later received by method by_Indy_unicode_file_ctrl that then tries to access and read argc as if it were a UTF-16 buffer.

This looks funny to me.. and its causing the trouble that I can't load SSL for my HTTP server anymore

Parents
No Data
Reply Children
No Data