diff options
Diffstat (limited to 'openssl/src/ssl/mod.rs')
| -rw-r--r-- | openssl/src/ssl/mod.rs | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index 7b5cf492..4b3a4385 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -612,6 +612,15 @@ impl SslContext { wrap_ssl_result(unsafe { ffi_extras::SSL_CTX_set_tmp_dh(self.ctx, dh.raw()) as i32 }) } + /// Use the default locations of trusted certificates for verification. + /// + /// These locations are read from the `SSL_CERT_FILE` and `SSL_CERT_DIR` + /// environment variables if present, or defaults specified at OpenSSL + /// build time otherwise. + pub fn set_default_verify_paths(&mut self) -> Result<(), SslError> { + wrap_ssl_result(unsafe { ffi::SSL_CTX_set_default_verify_paths(self.ctx) }) + } + #[allow(non_snake_case)] /// Specifies the file that contains trusted CA certificates. pub fn set_CA_file<P: AsRef<Path>>(&mut self, file: P) -> Result<(), SslError> { @@ -621,6 +630,20 @@ impl SslContext { }) } + /// Set the context identifier for sessions + /// + /// This value identifies the server's session cache to a clients, telling them when they're + /// able to reuse sessions. Should be set to a unique value per server, unless multiple servers + /// share a session cache. + /// + /// This value should be set when using client certificates, or each request will fail + /// handshake and need to be restarted. + pub fn set_session_id_context(&mut self, sid_ctx: &[u8]) -> Result<(), SslError> { + wrap_ssl_result(unsafe { + ffi::SSL_CTX_set_session_id_context(self.ctx, sid_ctx.as_ptr(), sid_ctx.len() as u32) + }) + } + /// Specifies the file that contains certificate pub fn set_certificate_file<P: AsRef<Path>>(&mut self, file: P, @@ -1309,7 +1332,7 @@ impl<S> SslStream<S> { #[cfg(feature = "nightly")] fn check_panic(&mut self) { if let Some(err) = unsafe { bio::take_panic::<S>(self.ssl.get_raw_rbio()) } { - ::std::panic::propagate(err) + ::std::panic::resume_unwind(err) } } |