switch (svr->type & ECORE_CON_SSL)
{
case ECORE_CON_USE_SSL2: /* not supported because of security issues */
+ case ECORE_CON_USE_SSL2 | ECORE_CON_LOAD_CERT: /* not supported because of security issues */
return ECORE_CON_SSL_ERROR_SSL2_NOT_SUPPORTED;
case ECORE_CON_USE_SSL3:
+ case ECORE_CON_USE_SSL3 | ECORE_CON_LOAD_CERT:
proto = ssl3_proto;
break;
case ECORE_CON_USE_TLS:
+ case ECORE_CON_USE_TLS | ECORE_CON_LOAD_CERT:
proto = tls_proto;
break;
}
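Review bot: The switch has no `default:` label, so a masked type that matches none of the six labels leaves `proto` at whatever value it held before, as far as this hunk shows. Listing each `| ECORE_CON_LOAD_CERT` combination by hand also has to be repeated in the three later switches of this change. Stripping the flag once, `switch (svr->type & ECORE_CON_SSL & ~ECORE_CON_LOAD_CERT)`, would keep the original three labels and survive the next flag that is added to the mask. A `default:` that returns an error would make an unrecognised protocol selection fail closed. The enclosing function starts and ends outside the hunk, so the initial value of `proto` should be confirmed there.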
if ((server_cert) && (server_cert->cert) &&
- ((svr->type & ECORE_CON_TYPE) & ECORE_CON_LOAD_CERT))
+ ((svr->type & ECORE_CON_SSL) & ECORE_CON_LOAD_CERT) == ECORE_CON_LOAD_CERT)
{
svr->cert = server_cert->cert;
server_cert->count++;
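Review bot: The new test on the `+` line only holds if the `ECORE_CON_SSL` mask contains the `ECORE_CON_LOAD_CERT` bit, and that definition is not visible here, although the added case labels suggest it does. A short comment above the condition would record the dependency, for example `/* LOAD_CERT lives inside the ECORE_CON_SSL mask, not ECORE_CON_TYPE */`, once that is confirmed against the header. The same expression is repeated in the three other certificate checks of this change, so a small helper macro would keep the four copies from drifting apart again.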
switch (cl->server->type & ECORE_CON_SSL)
{
case ECORE_CON_USE_SSL2: /* not supported because of security issues */
+ case ECORE_CON_USE_SSL2 | ECORE_CON_LOAD_CERT: /* not supported because of security issues */
return ECORE_CON_SSL_ERROR_SSL2_NOT_SUPPORTED;
case ECORE_CON_USE_SSL3:
+ case ECORE_CON_USE_SSL3 | ECORE_CON_LOAD_CERT:
proto = ssl3_proto;
break;
case ECORE_CON_USE_TLS:
+ case ECORE_CON_USE_TLS | ECORE_CON_LOAD_CERT:
proto = tls_proto;
break;
gnutls_dh_params_generate2(dh_params, 1024);
if ((client_cert) && (client_cert->cert) &&
- ((cl->server->type & ECORE_CON_TYPE) & ECORE_CON_LOAD_CERT))
+ ((cl->server->type & ECORE_CON_SSL) & ECORE_CON_LOAD_CERT) == ECORE_CON_LOAD_CERT)
{
cl->server->cert = client_cert->cert;
client_cert->count++;
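Review bot: The context line `gnutls_dh_params_generate2(dh_params, 1024);` ignores its return value and fixes the Diffie-Hellman group at 1024 bits, which is below what is now considered an adequate size. Since this change enables certificate-authenticated sessions on this path, it would be worth checking the result (GnuTLS returns a negative code on failure) and raising the size, e.g. `if (gnutls_dh_params_generate2(dh_params, 2048) < 0)` followed by an error return. The surrounding function is not fully visible in the hunk, so the right error code and cleanup need to be taken from there.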
switch (svr->type & ECORE_CON_SSL)
{
case ECORE_CON_USE_SSL2:
+ case ECORE_CON_USE_SSL2 | ECORE_CON_LOAD_CERT:
/* Unsafe version of SSL */
if (!(svr->ssl_ctx =
SSL_CTX_new(SSLv2_client_method())))
break;
case ECORE_CON_USE_SSL3:
+ case ECORE_CON_USE_SSL3 | ECORE_CON_LOAD_CERT:
if (!(svr->ssl_ctx =
SSL_CTX_new(SSLv3_client_method())))
return
break;
case ECORE_CON_USE_TLS:
+ case ECORE_CON_USE_TLS | ECORE_CON_LOAD_CERT:
if (!(svr->ssl_ctx =
SSL_CTX_new(TLSv1_client_method())))
return
}
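Review bot: The added label `case ECORE_CON_USE_SSL2 | ECORE_CON_LOAD_CERT:` routes certificate-loading connections into `SSLv2_client_method()`, while the GnuTLS switches in the same change reject both SSL2 labels with `ECORE_CON_SSL_ERROR_SSL2_NOT_SUPPORTED`. The two backends should agree, and the existing comment already calls this protocol unsafe, so the OpenSSL case would better be `return ECORE_CON_SSL_ERROR_SSL2_NOT_SUPPORTED;` here and in the matching client switch that follows. The `return` statements in this hunk appear truncated in the listing, so the exact error-path shape should be checked against the full file. If no label matches, `svr->ssl_ctx` also looks to be left unset before the certificate is loaded into it, so a `default:` error return would help here too.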
if ((server_cert) && (server_cert->cert) &&
- ((svr->type & ECORE_CON_TYPE) & ECORE_CON_LOAD_CERT))
+ ((svr->type & ECORE_CON_SSL) & ECORE_CON_LOAD_CERT) == ECORE_CON_LOAD_CERT)
{
//FIXME: just log and go on without cert if loading fails?
if (!SSL_CTX_use_certificate(svr->ssl_ctx, server_cert->cert))
switch (cl->server->type & ECORE_CON_SSL)
{
case ECORE_CON_USE_SSL2:
+ case ECORE_CON_USE_SSL2 | ECORE_CON_LOAD_CERT:
/* Unsafe version of SSL */
if (!(cl->ssl_ctx =
SSL_CTX_new(SSLv2_client_method())))
break;
case ECORE_CON_USE_SSL3:
+ case ECORE_CON_USE_SSL3 | ECORE_CON_LOAD_CERT:
if (!(cl->ssl_ctx =
SSL_CTX_new(SSLv3_client_method())))
return
break;
case ECORE_CON_USE_TLS:
+ case ECORE_CON_USE_TLS | ECORE_CON_LOAD_CERT:
if (!(cl->ssl_ctx =
SSL_CTX_new(TLSv1_client_method())))
return
}
if ((client_cert) && (client_cert->cert) && (private_key->key) &&
- ((cl->server->type & ECORE_CON_TYPE) & ECORE_CON_LOAD_CERT))
+ ((cl->server->type & ECORE_CON_SSL) & ECORE_CON_LOAD_CERT) == ECORE_CON_LOAD_CERT)
{
//FIXME: just log and go on without cert if loading fails?
if (!SSL_CTX_use_certificate(cl->server->ssl_ctx, client_cert->cert) ||