
tls: move cert/key into host structure

We'll later want to set these on the SSL object (rather than SSL_CTX),
so move these into the host struct for later access.

We'll prefer to set it on the SSL object so that we can automatically
use an up-to-date certificate, per ~sircmpwn/gmni#26.
Drew DeVault 2020-09-24 17:55:10 -04:00
parent 0d1137f987
commit 7af04ea471
2 changed files with 6 additions and 9 deletions


@ -13,6 +13,8 @@ struct gmnisrv_host {
char *hostname; char *hostname;
char *root; char *root;
SSL_CTX *ssl_ctx; SSL_CTX *ssl_ctx;
X509 *x509;
EVP_PKEY *pkey;
struct gmnisrv_host *next; struct gmnisrv_host *next;
}; };
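Review bot: The new `x509` and `pkey` members of `struct gmnisrv_host` carry no statement of ownership, and with the `SSL_CTX_use_certificate`/`SSL_CTX_use_PrivateKey` calls removed in tls_host_gencert and tls_host_init, these raw pointers appear to become the only place the certificate and private key are held. A comment above the two fields, for example `/* owned by the host; released with X509_free()/EVP_PKEY_free() when the host is torn down */`, would make the contract explicit. The host cleanup path is not visible on this page and should free both, so that the private key does not stay in memory longer than the configuration that loaded it. Nothing visible here installs the pair on a connection yet. When the follow-up does, the results of `SSL_use_certificate` and `SSL_use_PrivateKey` should be checked with real error handling rather than `assert`, which is compiled out under NDEBUG.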


@ -86,10 +86,8 @@ tls_host_gencert(struct gmnisrv_tls *tlsconf, struct gmnisrv_host *host,
return 1; return 1;
} }
r = SSL_CTX_use_certificate(host->ssl_ctx, x509); host->x509 = x509;
assert(r == 1); host->pkey = pkey;
r = SSL_CTX_use_PrivateKey(host->ssl_ctx, pkey);
assert(r == 1);
return 0; return 0;
} }
@ -150,11 +148,8 @@ tls_host_init(struct gmnisrv_tls *tlsconf, struct gmnisrv_host *host)
goto generate; goto generate;
} }
r = SSL_CTX_use_certificate(host->ssl_ctx, x509); host->x509 = x509;
assert(r == 1); host->pkey = pkey;
r = SSL_CTX_use_PrivateKey(host->ssl_ctx, pkey);
assert(r == 1);
server_log("loaded certificate for %s", host->hostname); server_log("loaded certificate for %s", host->hostname);
return 0; return 0;