diff options
| author | Drew DeVault <sir@cmpwn.com> | 2020-09-24 17:55:10 -0400 |
|---|---|---|
| committer | Drew DeVault <sir@cmpwn.com> | 2020-09-24 17:55:10 -0400 |
| commit | 7af04ea4713770cd19cb9659a59f8758e4207c2c (patch) | |
| tree | aa77e290601382805e00417ca917740f2d3d4782 /src/tls.c | |
| parent | 0d1137f987d78f83e1222ece29a1438a49658d3c (diff) | |
| download | gmnisrv-7af04ea4713770cd19cb9659a59f8758e4207c2c.tar.gz gmnisrv-7af04ea4713770cd19cb9659a59f8758e4207c2c.tar.xz gmnisrv-7af04ea4713770cd19cb9659a59f8758e4207c2c.zip | |
tls: move cert/key into host structure
We'll later want to set these on the SSL object (rather than SSL_CTX),
so move these into the host struct for later access.
We'll prefer to set it on the SSL object so that we can automatically
use an up-to-date certificate, per ~sircmpwn/gmni#26.
Diffstat (limited to 'src/tls.c')
| -rw-r--r-- | src/tls.c | 13 |
1 files changed, 4 insertions, 9 deletions
@@ -86,10 +86,8 @@ tls_host_gencert(struct gmnisrv_tls *tlsconf, struct gmnisrv_host *host, return 1; } - r = SSL_CTX_use_certificate(host->ssl_ctx, x509); - assert(r == 1); - r = SSL_CTX_use_PrivateKey(host->ssl_ctx, pkey); - assert(r == 1); + host->x509 = x509; + host->pkey = pkey; return 0; } @@ -150,11 +148,8 @@ tls_host_init(struct gmnisrv_tls *tlsconf, struct gmnisrv_host *host) goto generate; } - r = SSL_CTX_use_certificate(host->ssl_ctx, x509); - assert(r == 1); - r = SSL_CTX_use_PrivateKey(host->ssl_ctx, pkey); - assert(r == 1); - + host->x509 = x509; + host->pkey = pkey; server_log("loaded certificate for %s", host->hostname); return 0; |
