diff options
| author | Steven Fackler <[email protected]> | 2017-02-16 21:26:26 -0800 |
|---|---|---|
| committer | GitHub <[email protected]> | 2017-02-16 21:26:26 -0800 |
| commit | 5122b92f56327721f3c9b271e85808c3d692e2e1 (patch) | |
| tree | 5296967069e6a1634eed2e88d1031dc7d286adef /openssl/src/ssl/mod.rs | |
| parent | Update 1.1.0 version (diff) | |
| parent | add Ok to result (diff) | |
| download | rust-openssl-5122b92f56327721f3c9b271e85808c3d692e2e1.tar.xz rust-openssl-5122b92f56327721f3c9b271e85808c3d692e2e1.zip | |
Merge pull request #582 from bluejekyll/master
add set_verify_cert_store() to ssl ctx
Diffstat (limited to 'openssl/src/ssl/mod.rs')
| -rw-r--r-- | openssl/src/ssl/mod.rs | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index 5a65aa77..a14d0cb9 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -99,6 +99,8 @@ use ec::EcKeyRef; use ec::EcKey; use x509::{X509StoreContextRef, X509FileType, X509, X509Ref, X509VerifyError, X509Name}; use x509::store::{X509StoreBuilderRef, X509StoreRef}; +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +use x509::store::X509Store; #[cfg(any(ossl102, ossl110))] use verify::X509VerifyParamRef; use pkey::PKeyRef; @@ -652,6 +654,21 @@ impl SslContextBuilder { } } + /// Sets a custom X509Store for verifying peer certificates. + /// + /// Requires the `v102` feature and OpenSSL 1.0.2, or the `v110` feature and OpenSSL 1.1.0. + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + pub fn set_verify_cert_store(&mut self, cert_store: X509Store) -> Result<(), ErrorStack> { + unsafe { + // set0 will free, set1 increments, and then requires a free + let ptr = cert_store.as_ptr(); + let result = try!(cvt(ffi::SSL_CTX_set0_verify_cert_store(self.as_ptr(), ptr) as c_int).map(|_|())); + + mem::forget(cert_store); + Ok(result) + } + } + pub fn set_read_ahead(&mut self, read_ahead: bool) { unsafe { ffi::SSL_CTX_set_read_ahead(self.as_ptr(), read_ahead as c_long); |