Difuse/luci
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

nixio: Add support for DER keyfiles

Browse source
This commit is contained in:
Steven Barth 2009-06-06 13:03:31 +00:00
parent c07ab17d59
commit 0d20041419
2 changed files with 12 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
libs/nixio/src/axtls-compat.h
View file

@ -44,6 +44,7 @@
#define SSL_OP_NO_SSLv3 0x02000000L #define SSL_OP_NO_SSLv3 0x02000000L
#define SSL_OP_NO_SSLv2 0x01000000L #define SSL_OP_NO_SSLv2 0x01000000L
#define SSL_FILETYPE_PEM 1 #define SSL_FILETYPE_PEM 1
#define SSL_FILETYPE_ASN1 2
#define SSL_VERIFY_NONE 0x00 #define SSL_VERIFY_NONE 0x00
#define SSL_VERIFY_PEER 0x01 #define SSL_VERIFY_PEER 0x01
#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02 #define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02

12
libs/nixio/src/tls-context.c
View file

@ -119,7 +119,17 @@ static int nixio_tls_ctx_set_cert(lua_State *L) {
static int nixio_tls_ctx_set_key(lua_State *L) { static int nixio_tls_ctx_set_key(lua_State *L) {
SSL_CTX *ctx = nixio__checktlsctx(L); SSL_CTX *ctx = nixio__checktlsctx(L);
const char *cert = luaL_checkstring(L, 2); const char *cert = luaL_checkstring(L, 2);
const int ktype = SSL_FILETYPE_PEM; const char *type = luaL_optstring(L, 3, "pem");
int ktype;
if (!strcmp(type, "pem")) {
ktype = SSL_FILETYPE_PEM;
} else if (!strcmp(type, "asn1")) {
ktype = SSL_FILETYPE_ASN1;
} else {
return luaL_argerror(L, 3, "supported values: pem, asn1");
}
return nixio__tls_pstatus(L, SSL_CTX_use_PrivateKey_file(ctx, cert, ktype)); return nixio__tls_pstatus(L, SSL_CTX_use_PrivateKey_file(ctx, cert, ktype));
} }