tls: move cert/key into host structure
We'll later want to set these on the SSL object (rather than SSL_CTX), so move these into the host struct for later access. We'll prefer to set it on the SSL object so that we can automatically use an up-to-date certificate, per ~sircmpwn/gmni#26.
parent
0d1137f987
commit
7af04ea471
@ -13,6 +13,8 @@ struct gmnisrv_host {
|
|||||||
char *hostname;
|
char *hostname;
|
||||||
char *root;
|
char *root;
|
||||||
SSL_CTX *ssl_ctx;
|
SSL_CTX *ssl_ctx;
|
||||||
|
X509 *x509;
|
||||||
|
EVP_PKEY *pkey;
|
||||||
struct gmnisrv_host *next;
|
struct gmnisrv_host *next;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
13
src/tls.c
13
src/tls.c
@ -86,10 +86,8 @@ tls_host_gencert(struct gmnisrv_tls *tlsconf, struct gmnisrv_host *host,
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = SSL_CTX_use_certificate(host->ssl_ctx, x509);
|
host->x509 = x509;
|
||||||
assert(r == 1);
|
host->pkey = pkey;
|
||||||
r = SSL_CTX_use_PrivateKey(host->ssl_ctx, pkey);
|
|
||||||
assert(r == 1);
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -150,11 +148,8 @@ tls_host_init(struct gmnisrv_tls *tlsconf, struct gmnisrv_host *host)
|
|||||||
goto generate;
|
goto generate;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = SSL_CTX_use_certificate(host->ssl_ctx, x509);
|
host->x509 = x509;
|
||||||
assert(r == 1);
|
host->pkey = pkey;
|
||||||
r = SSL_CTX_use_PrivateKey(host->ssl_ctx, pkey);
|
|
||||||
assert(r == 1);
|
|
||||||
|
|
||||||
server_log("loaded certificate for %s", host->hostname);
|
server_log("loaded certificate for %s", host->hostname);
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
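Review bot: In the tls_host_init hunk, a certificate and key loaded from disk are now stored on the host with no check that they belong together; the removed `SSL_CTX_use_PrivateKey` call followed by `assert(r == 1)` was what rejected a mismatched pair at startup. Before the two assignments I would add `if (X509_check_private_key(x509, pkey) != 1) goto generate;` (releasing both objects first if the generate path, which is not visible here, does not), so a stale or swapped key file is caught before "loaded certificate" is logged rather than at the first handshake. The tls_host_gencert hunk makes the same two assignments, but the pair is freshly generated there, so the check matters less. The host now holds the only visible reference to both objects, so the new struct fields deserve a comment such as `/* owned by the host; released with X509_free() / EVP_PKEY_free() */`, assuming teardown outside this view does that. Both function bodies start outside their hunks.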