diff options
| author | Valerii Hiora <[email protected]> | 2014-09-12 21:03:48 +0300 |
|---|---|---|
| committer | Valerii Hiora <[email protected]> | 2014-09-17 09:41:10 +0300 |
| commit | ece8957e2feefed3bb1f1c3304f5f98ca804a355 (patch) | |
| tree | 6150ef685d8c5a34253f9d131a10033a30a05088 /src/ssl/mod.rs | |
| parent | Merge pull request #42 from cybergeek94/patch-1 (diff) | |
| download | rust-openssl-ece8957e2feefed3bb1f1c3304f5f98ca804a355.tar.xz rust-openssl-ece8957e2feefed3bb1f1c3304f5f98ca804a355.zip | |
Allow to set cert/key pair
Diffstat (limited to 'src/ssl/mod.rs')
| -rw-r--r-- | src/ssl/mod.rs | 45 |
1 files changed, 38 insertions, 7 deletions
diff --git a/src/ssl/mod.rs b/src/ssl/mod.rs index 85503704..6d3ca4d3 100644 --- a/src/ssl/mod.rs +++ b/src/ssl/mod.rs @@ -115,6 +115,23 @@ extern fn raw_verify(preverify_ok: c_int, x509_ctx: *mut ffi::X509_STORE_CTX) pub type VerifyCallback = fn(preverify_ok: bool, x509_ctx: &X509StoreContext) -> bool; +#[repr(i32)] +pub enum X509FileType { + PEM = ffi::X509_FILETYPE_PEM, + ASN1 = ffi::X509_FILETYPE_ASN1, + Default = ffi::X509_FILETYPE_DEFAULT +} + +// FIXME: macro may be instead of inlining? +#[inline] +fn wrap_ssl_result(res: c_int) -> Option<SslError> { + if res == 0 { + Some(SslError::get()) + } else { + None + } +} + /// An SSL context object pub struct SslContext { ctx: *mut ffi::SSL_CTX @@ -152,17 +169,31 @@ impl SslContext { #[allow(non_snake_case)] /// Specifies the file that contains trusted CA certificates. pub fn set_CA_file(&mut self, file: &str) -> Option<SslError> { - let ret = file.with_c_str(|file| { + wrap_ssl_result(file.with_c_str(|file| { unsafe { ffi::SSL_CTX_load_verify_locations(self.ctx, file, ptr::null()) } - }); + })) + } - if ret == 0 { - Some(SslError::get()) - } else { - None - } + /// Specifies the file that is client certificate + pub fn set_certificate_file(&mut self, file: &str, + file_type: X509FileType) -> Option<SslError> { + wrap_ssl_result(file.with_c_str(|file| { + unsafe { + ffi::SSL_CTX_use_certificate_file(self.ctx, file, file_type as c_int) + } + })) + } + + /// Specifies the file that is client certificate + pub fn set_private_key_file(&mut self, file: &str, + file_type: X509FileType) -> Option<SslError> { + wrap_ssl_result(file.with_c_str(|file| { + unsafe { + ffi::SSL_CTX_use_PrivateKey_file(self.ctx, file, file_type as c_int) + } + })) } } |