diff options
| author | Steven Fackler <[email protected]> | 2014-09-19 15:32:55 -0700 |
|---|---|---|
| committer | Steven Fackler <[email protected]> | 2014-09-19 15:32:55 -0700 |
| commit | efa1a719f5b9fc749c7a6fc37bed8a3a011b8e11 (patch) | |
| tree | 977e5d066c22e1fffb9776dad2bdce85fc5523d5 /src/ssl/mod.rs | |
| parent | Merge pull request #48 from ebfe/rfc-52 (diff) | |
| parent | Fixed documentation string (diff) | |
| download | rust-openssl-efa1a719f5b9fc749c7a6fc37bed8a3a011b8e11.tar.xz rust-openssl-efa1a719f5b9fc749c7a6fc37bed8a3a011b8e11.zip | |
Merge pull request #47 from vhbit/cert-key-auth
Allow to set cert/key pair
Diffstat (limited to 'src/ssl/mod.rs')
| -rw-r--r-- | src/ssl/mod.rs | 45 |
1 files changed, 38 insertions, 7 deletions
diff --git a/src/ssl/mod.rs b/src/ssl/mod.rs index 2ae1d41a..31551109 100644 --- a/src/ssl/mod.rs +++ b/src/ssl/mod.rs @@ -115,6 +115,23 @@ extern fn raw_verify(preverify_ok: c_int, x509_ctx: *mut ffi::X509_STORE_CTX) pub type VerifyCallback = fn(preverify_ok: bool, x509_ctx: &X509StoreContext) -> bool; +#[repr(i32)] +pub enum X509FileType { + PEM = ffi::X509_FILETYPE_PEM, + ASN1 = ffi::X509_FILETYPE_ASN1, + Default = ffi::X509_FILETYPE_DEFAULT +} + +// FIXME: macro may be instead of inlining? +#[inline] +fn wrap_ssl_result(res: c_int) -> Option<SslError> { + if res == 0 { + Some(SslError::get()) + } else { + None + } +} + /// An SSL context object pub struct SslContext { ctx: *mut ffi::SSL_CTX @@ -152,17 +169,31 @@ impl SslContext { #[allow(non_snake_case)] /// Specifies the file that contains trusted CA certificates. pub fn set_CA_file(&mut self, file: &str) -> Option<SslError> { - let ret = file.with_c_str(|file| { + wrap_ssl_result(file.with_c_str(|file| { unsafe { ffi::SSL_CTX_load_verify_locations(self.ctx, file, ptr::null()) } - }); + })) + } - if ret == 0 { - Some(SslError::get()) - } else { - None - } + /// Specifies the file that is client certificate + pub fn set_certificate_file(&mut self, file: &str, + file_type: X509FileType) -> Option<SslError> { + wrap_ssl_result(file.with_c_str(|file| { + unsafe { + ffi::SSL_CTX_use_certificate_file(self.ctx, file, file_type as c_int) + } + })) + } + + /// Specifies the file that is client private key + pub fn set_private_key_file(&mut self, file: &str, + file_type: X509FileType) -> Option<SslError> { + wrap_ssl_result(file.with_c_str(|file| { + unsafe { + ffi::SSL_CTX_use_PrivateKey_file(self.ctx, file, file_type as c_int) + } + })) } } |