| author | Valerii Hiora <[email protected]> | 2014-09-12 21:03:48 +0300 |
|---|---|---|
| committer | Valerii Hiora <[email protected]> | 2014-09-17 09:41:10 +0300 |
| commit | ece8957e2feefed3bb1f1c3304f5f98ca804a355 (patch) | |
| tree | 6150ef685d8c5a34253f9d131a10033a30a05088 /src | |
| parent | Merge pull request #42 from cybergeek94/patch-1 (diff) | |
Allow to set cert/key pair
Diffstat (limited to 'src')
| -rwxr-xr-x[-rw-r--r--] | src/ssl/ffi.rs | 7 | ||||
| -rw-r--r-- | src/ssl/mod.rs | 45 |
2 files changed, 45 insertions, 7 deletions
diff --git a/src/ssl/ffi.rs b/src/ssl/ffi.rs index cfb75a21..d1a971c8 100644..100755 --- a/src/ssl/ffi.rs +++ b/src/ssl/ffi.rs @@ -98,6 +98,10 @@ pub static X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: c_int = 53; pub static X509_V_ERR_CRL_PATH_VALIDATION_ERROR: c_int = 54; pub static X509_V_ERR_APPLICATION_VERIFICATION: c_int = 50; +pub static X509_FILETYPE_PEM: c_int = 1; +pub static X509_FILETYPE_ASN1: c_int = 2; +pub static X509_FILETYPE_DEFAULT: c_int = 3; + #[link(name="ssl")] #[link(name="crypto")] extern "C" { @@ -132,6 +136,9 @@ extern "C" { -> c_int; pub fn SSL_CTX_get_ex_data(ctx: *mut SSL_CTX, idx: c_int) -> *mut c_void; + pub fn SSL_CTX_use_certificate_file(ctx: *mut SSL_CTX, cert_file: *const c_char, file_type: c_int) -> c_int; + pub fn SSL_CTX_use_PrivateKey_file(ctx: *mut SSL_CTX, key_file: *const c_char, file_type: c_int) -> c_int; + pub fn X509_STORE_CTX_get_ex_data(ctx: *mut X509_STORE_CTX, idx: c_int) -> *mut c_void; pub fn X509_STORE_CTX_get_current_cert(ct: *mut X509_STORE_CTX) -> *mut X509; diff --git a/src/ssl/mod.rs b/src/ssl/mod.rs index 85503704..6d3ca4d3 100644 --- a/src/ssl/mod.rs +++ b/src/ssl/mod.rs @@ -115,6 +115,23 @@ extern fn raw_verify(preverify_ok: c_int, x509_ctx: *mut ffi::X509_STORE_CTX) pub type VerifyCallback = fn(preverify_ok: bool, x509_ctx: &X509StoreContext) -> bool; +#[repr(i32)] +pub enum X509FileType { + PEM = ffi::X509_FILETYPE_PEM, + ASN1 = ffi::X509_FILETYPE_ASN1, + Default = ffi::X509_FILETYPE_DEFAULT +} + +// FIXME: macro may be instead of inlining? +#[inline] +fn wrap_ssl_result(res: c_int) -> Option<SslError> { + if res == 0 { + Some(SslError::get()) + } else { + None + } +} + /// An SSL context object pub struct SslContext { ctx: *mut ffi::SSL_CTX 
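Review bot: The file header for `src/ssl/ffi.rs` changes its mode from `100644` to `100755`, so a plain source file becomes executable in the tree. Nothing in the hunks needs that, so it looks like an accident of the author's working copy. Please restore the mode to `100644` before merging, so that executable bits in the repository stay meaningful for review.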
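Review bot: `X509FileType::Default` in the `src/ssl/mod.rs` hunk maps to `X509_FILETYPE_DEFAULT`, which as far as I know `SSL_CTX_use_certificate_file` and `SSL_CTX_use_PrivateKey_file` do not accept (they handle only the PEM and ASN1 types). If so, the two setters that take this enum always return an error for that variant. Either drop `Default` from the public enum or document that it is not valid for these calls. The enum also has no doc comment; something like `/// On-disk encoding of a certificate or private key file` with a one-line comment per variant would cover it.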
@@ -152,17 +169,31 @@ impl SslContext {
 #[allow(non_snake_case)]
 /// Specifies the file that contains trusted CA certificates.
 pub fn set_CA_file(&mut self, file: &str) -> Option<SslError> {
- let ret = file.with_c_str(|file| {
+ wrap_ssl_result(file.with_c_str(|file| {
 unsafe {
 ffi::SSL_CTX_load_verify_locations(self.ctx, file, ptr::null())
 }
- });
+ }))
+ }
- if ret == 0 {
- Some(SslError::get())
- } else {
- None
- }
+ /// Specifies the file that is client certificate
+ pub fn set_certificate_file(&mut self, file: &str,
+ file_type: X509FileType) -> Option<SslError> {
+ wrap_ssl_result(file.with_c_str(|file| {
+ unsafe {
+ ffi::SSL_CTX_use_certificate_file(self.ctx, file, file_type as c_int)
+ }
+ }))
+ }
+
+ /// Specifies the file that is client certificate
+ pub fn set_private_key_file(&mut self, file: &str,
+ file_type: X509FileType) -> Option<SslError> {
+ wrap_ssl_result(file.with_c_str(|file| {
+ unsafe {
+ ffi::SSL_CTX_use_PrivateKey_file(self.ctx, file, file_type as c_int)
+ }
+ }))
 }
 } |
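Review bot: The doc comment on `set_private_key_file` is a copy of the one on `set_certificate_file`; it should describe the key, for example `/// Specifies the file that contains the private key matching the certificate`. "client certificate" is also narrower than what the call configures, since the same context setting applies when the context is used on the server side. The docs should also say to load the certificate before the key. As far as I recall, OpenSSL reports a certificate/key mismatch only when the key is set second, and silently drops a previously loaded key when a non-matching certificate is set after it. Nothing in this change binds `SSL_CTX_check_private_key`, so callers cannot verify the pair explicitly; exposing it alongside these two setters would close that gap.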