From 0b063c94501afe627ce1a7bdba02227d7140d27a Mon Sep 17 00:00:00 2001 From: discomfitor Date: Wed, 7 Dec 2011 23:36:15 +0000 Subject: [PATCH] allow certificates to be loaded for STARTTLS git-svn-id: svn+ssh://svn.enlightenment.org/var/svn/e/trunk/ecore@66000 7cbeb6ba-43b4-40fd-8cce-4c39aea84d33 --- ChangeLog | 4 ++++ NEWS | 2 ++ src/lib/ecore_con/ecore_con_ssl.c | 38 ++++++++++++++++++++++++++++++++++++-- 3 files changed, 42 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 793a600..d62ec30 100644 --- a/ChangeLog +++ b/ChangeLog @@ -384,3 +384,7 @@ 2011-12-05 Mike Blumenkrantz * added ecore_con_socks api + +2011-12-07 Mike Blumenkrantz + + * Allow SSL certificates to be loaded for STARTTLS diff --git a/NEWS b/NEWS index 6fff530..bfce1eb 100644 --- a/NEWS +++ b/NEWS @@ -14,6 +14,8 @@ Additions: Improvements: * ecore: - most allocations moved to mempools + * ecore_con: + - certificates can now be added for STARTTTLS * ecore_win32: - fix modifiers value on Windows XP diff --git a/src/lib/ecore_con/ecore_con_ssl.c b/src/lib/ecore_con/ecore_con_ssl.c index 1ef92c5..3b52846 100644 --- a/src/lib/ecore_con/ecore_con_ssl.c +++ b/src/lib/ecore_con/ecore_con_ssl.c @@ -375,6 +375,14 @@ ecore_con_ssl_server_cert_add(Ecore_Con_Server *svr, return EINA_FALSE; } + if (!svr->ssl_prepared) + { + svr->use_cert = EINA_TRUE; + svr->type |= ECORE_CON_USE_MIXED | ECORE_CON_LOAD_CERT; + if (ecore_con_ssl_server_prepare(svr, svr->type & ECORE_CON_SSL)) + return EINA_FALSE; + } + return SSL_SUFFIX(_ecore_con_ssl_server_cert_add) (svr, cert); } @@ -398,6 +406,14 @@ ecore_con_ssl_server_cafile_add(Ecore_Con_Server *svr, return EINA_FALSE; } + if (!svr->ssl_prepared) + { + svr->use_cert = EINA_TRUE; + svr->type |= ECORE_CON_USE_MIXED | ECORE_CON_LOAD_CERT; + if (ecore_con_ssl_server_prepare(svr, svr->type & ECORE_CON_SSL)) + return EINA_FALSE; + } + return SSL_SUFFIX(_ecore_con_ssl_server_cafile_add) (svr, ca_file); } 
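Review bot: In the ecore_con_ssl_server_cert_add hunk, the new block sets `svr->use_cert` and ORs `ECORE_CON_USE_MIXED | ECORE_CON_LOAD_CERT` into `svr->type` before calling ecore_con_ssl_server_prepare(), and the failure path returns EINA_FALSE without undoing either. A server whose prepare failed therefore still looks certificate-configured, and the upgrade hunks later in this patch will then skip recording the caller's ssl_type for it. The same eight lines are repeated in the cafile_add, privkey_add and crl_add hunks, so I would move them into one static helper that restores the previous values on failure, as sketched below. The sketch assumes `svr->type` is an Ecore_Con_Type, going by the upgrade signatures, and whether prepare() itself leaves partial state behind is not visible here. Each function's body starts above its hunk.

```c
if (!svr->ssl_prepared)
  {
     Ecore_Con_Type prev_type = svr->type;
     Eina_Bool prev_use_cert = svr->use_cert;

     /* … unchanged: use_cert and type assignments … */
     if (ecore_con_ssl_server_prepare(svr, svr->type & ECORE_CON_SSL))
       {
          /* prepare failed: do not leave the server marked as cert-configured */
          svr->use_cert = prev_use_cert;
          svr->type = prev_type;
          return EINA_FALSE;
       }
  }
```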
@@ -422,6 +438,14 @@ ecore_con_ssl_server_privkey_add(Ecore_Con_Server *svr, return EINA_FALSE; } + if (!svr->ssl_prepared) + { + svr->use_cert = EINA_TRUE; + svr->type |= ECORE_CON_USE_MIXED | ECORE_CON_LOAD_CERT; + if (ecore_con_ssl_server_prepare(svr, svr->type & ECORE_CON_SSL)) + return EINA_FALSE; + } + return SSL_SUFFIX(_ecore_con_ssl_server_privkey_add) (svr, key_file); } @@ -446,6 +470,14 @@ ecore_con_ssl_server_crl_add(Ecore_Con_Server *svr, return EINA_FALSE; } + if (!svr->ssl_prepared) + { + svr->use_cert = EINA_TRUE; + svr->type |= ECORE_CON_USE_MIXED | ECORE_CON_LOAD_CERT; + if (ecore_con_ssl_server_prepare(svr, svr->type & ECORE_CON_SSL)) + return EINA_FALSE; + } + return SSL_SUFFIX(_ecore_con_ssl_server_crl_add) (svr, crl_file); } @@ -480,7 +512,8 @@ ecore_con_ssl_server_upgrade(Ecore_Con_Server *svr, Ecore_Con_Type ssl_type) if (ecore_con_ssl_server_prepare(svr, ssl_type)) return EINA_FALSE; } - svr->type |= ssl_type; + if (!svr->use_cert) + svr->type |= ssl_type; svr->upgrade = EINA_TRUE; svr->handshaking = EINA_TRUE; svr->ssl_state = ECORE_CON_SSL_STATE_INIT; @@ -517,7 +550,8 @@ ecore_con_ssl_client_upgrade(Ecore_Con_Client *cl, Ecore_Con_Type ssl_type) if (ecore_con_ssl_server_prepare(cl->host_server, ssl_type)) return EINA_FALSE; } - cl->host_server->type |= ssl_type; + if (!cl->host_server->use_cert) + cl->host_server->type |= ssl_type; cl->upgrade = EINA_TRUE; cl->host_server->upgrade = EINA_TRUE; cl->handshaking = EINA_TRUE; -- 2.7.4
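Review bot: With `if (!svr->use_cert)` guarding `svr->type |= ssl_type` in ecore_con_ssl_server_upgrade, the protocol the caller passes to the upgrade is silently dropped whenever a certificate was added first, and the server keeps the ECORE_CON_USE_MIXED set by the *_add functions. A caller that asks for a narrower set, for example ECORE_CON_USE_TLS, gets no indication that the request was not honoured; it also looks as if prepare() is not re-run in that case, since the visible call sits in a block whose condition is above the hunk. I would at least state this at the guard, `/* certs were loaded before the upgrade: protocol set was fixed in *_add(), ssl_type is not applied */`, and preferably return EINA_FALSE or log when ssl_type asks for protocols the prepared context does not cover. The same applies to `cl->host_server->type` in the ecore_con_ssl_client_upgrade hunk; both function bodies extend beyond their hunks.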