From a28253ee7d73250abff2ce3934acca36175f9866 Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Mon, 12 Oct 2015 20:54:00 +0200
Subject: Add set_certificate_chain_file()

SSL_CTX_use_certificate_chain_file() is preferred over
SSL_CTX_use_certificate_file().

It allows the use of complete certificate chains instead of loading
only the first certificate in a PEM file.
---
 openssl/src/ssl/mod.rs | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'openssl/src')

diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
index a68a2fc3..3580c66d 100644
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@@ -523,6 +523,16 @@ impl SslContext {
             })
     }
 
+    /// Specifies the file that contains certificate chain
+    pub fn set_certificate_chain_file<P: AsRef<Path>>(&mut self, file: P, file_type: X509FileType)
+                                                -> Result<(),SslError> {
+        let file = CString::new(file.as_ref().as_os_str().to_str().expect("invalid utf8")).unwrap();
+        wrap_ssl_result(
+            unsafe {
+                ffi::SSL_CTX_use_certificate_chain_file(self.ctx, file.as_ptr(), file_type as c_int)
+            })
+    }
+
     /// Specifies the certificate
     pub fn set_certificate(&mut self, cert: &X509) -> Result<(),SslError> {
         wrap_ssl_result(
-- 
cgit v1.2.3