+/*!
+ * Add a file of certs to a stack.
+ * \param stack the stack to add to.
+ * \param file the file to add from. All certs in this file that are not
+ * already in the stack will be added.
+ * \return 1 for success, 0 for failure. Note that in the case of failure some
+ * certs may have been added to \c stack.
+ */
+
+int SSL_add_cert_file_to_stack(STACK *stack,const char *file)
+ {
+ BIO *in;
+ X509 *x=NULL;
+ X509_NAME *xn=NULL;
+ int ret=1;
+ int (*oldcmp)();
+
+ oldcmp=sk_set_cmp_func(stack,name_cmp);
+
+ in=BIO_new(BIO_s_file_internal());
+
+ if (ret == NULL || in == NULL)
+ {
+ SSLerr(SSL_F_SSL_ADD_CERT_FILE_TO_STACK,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (!BIO_read_filename(in,file))
+ goto err;
+
+ for (;;)
+ {
+ if (PEM_read_bio_X509(in,&x,NULL) == NULL)
+ break;
+ if ((xn=X509_get_subject_name(x)) == NULL) goto err;
+ xn=X509_NAME_dup(xn);
+ if (xn == NULL) goto err;
+ if (sk_find(stack,(char *)xn) >= 0)
+ X509_NAME_free(xn);
+ else
+ sk_push(stack,(char *)xn);
+ }
+
+ if (0)
+ {
+err:
+ ret=0;
+ }
+ if(in != NULL)
+ BIO_free(in);
+ if(x != NULL)
+ X509_free(x);
+
+ sk_set_cmp_func(stack,oldcmp);
+
+ return ret;
+ }
+
+/*!
+ * Add a directory of certs to a stack.
+ * \param stack the stack to append to.
+ * \param dir the directory to append from. All files in this directory will be
+ * examined as potential certs. Any that are acceptable to
+ * SSL_add_cert_file_to_stack() that are not already in the stack will be
+ * included.
+ * \return 1 for success, 0 for failure. Note that in the case of failure some
+ * certs may have been added to \c stack.
+ */
+
+int SSL_add_cert_dir_to_stack(STACK *stack,const char *dir)
+ {
+ DIR *d=opendir(dir);
+ struct dirent *dstruct;
+
+ /* Note that a side effect is that the CAs will be sorted by name */
+ if(!d)
+ {
+ SSLerr(SSL_F_SSL_ADD_CERT_DIR_TO_STACK,ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ while((dstruct=readdir(d)))
+ {
+ char buf[1024];
+
+ if(strlen(dir)+strlen(dstruct->d_name)+2 > sizeof buf)
+ {
+ SSLerr(SSL_F_SSL_ADD_CERT_DIR_TO_STACK,SSL_R_PATH_TOO_LONG);
+ return 0;
+ }
+
+ sprintf(buf,"%s/%s",dir,dstruct->d_name);
+ if(!SSL_add_cert_file_to_stack(stack,buf))
+ return 0;
+ }
+
+ return 1;
+ }