authorDrew DeVault <sir@cmpwn.com>2020-09-24 17:55:10 -0400
committerDrew DeVault <sir@cmpwn.com>2020-09-24 17:55:10 -0400
commit7af04ea4713770cd19cb9659a59f8758e4207c2c (patch)
treeaa77e290601382805e00417ca917740f2d3d4782
parent0d1137f987d78f83e1222ece29a1438a49658d3c (diff)
tls: move cert/key into host structure
We'll later want to set these on the SSL object (rather than SSL_CTX), so move these into the host struct for later access. We'll prefer to set it on the SSL object so that we can automatically use an up-to-date certificate, per ~sircmpwn/gmni#26.
-rw-r--r--include/config.h2
-rw-r--r--src/tls.c13
2 files changed, 6 insertions, 9 deletions
diff --git a/include/config.h b/include/config.h
index d42a1bf..495db3a 100644
--- a/include/config.h
+++ b/include/config.h
@@ -13,6 +13,8 @@ struct gmnisrv_host {
char *hostname;
char *root;
SSL_CTX *ssl_ctx;
+ X509 *x509;
+ EVP_PKEY *pkey;
struct gmnisrv_host *next;
};
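Review bot: The new `x509` and `pkey` members carry no ownership comment, and with this change the host struct becomes the long-lived holder of the private key instead of handing it to the SSL_CTX. I would add `/* owned by this host; released with X509_free() and EVP_PKEY_free() at teardown */` above the two fields. The code that destroys a host is not part of this diff, so it is worth confirming that it frees both; otherwise the key material stays in memory past the host's lifetime. The struct definition begins outside the hunk.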
diff --git a/src/tls.c b/src/tls.c
index 29bfd24..ad5ed4c 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -86,10 +86,8 @@ tls_host_gencert(struct gmnisrv_tls *tlsconf, struct gmnisrv_host *host,
return 1;
}
- r = SSL_CTX_use_certificate(host->ssl_ctx, x509);
- assert(r == 1);
- r = SSL_CTX_use_PrivateKey(host->ssl_ctx, pkey);
- assert(r == 1);
+ host->x509 = x509;
+ host->pkey = pkey;
return 0;
}
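Review bot: Storing `x509` and `pkey` on the host here drops the only visible check that the key belongs to the certificate: `SSL_CTX_use_PrivateKey()` fails on a mismatch once a certificate is set, and the removed `assert(r == 1)` relied on that. The same applies to the hunk in `tls_host_init`, where it matters more if the pair is read from disk, as the "loaded certificate" log line suggests. Before the two assignments I would add `if (X509_check_private_key(x509, pkey) != 1) return 1;` (or `goto generate;` in `tls_host_init`, if regenerating is the intended fallback). The assignments also overwrite any earlier `host->x509`/`host->pkey` without freeing them, which leaks if either function can run twice for the same host; both function bodies start outside their hunks.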
@@ -150,11 +148,8 @@ tls_host_init(struct gmnisrv_tls *tlsconf, struct gmnisrv_host *host)
goto generate;
}
- r = SSL_CTX_use_certificate(host->ssl_ctx, x509);
- assert(r == 1);
- r = SSL_CTX_use_PrivateKey(host->ssl_ctx, pkey);
- assert(r == 1);
-
+ host->x509 = x509;
+ host->pkey = pkey;
server_log("loaded certificate for %s", host->hostname);
return 0;