MirrorHub/construct
0
0
Fork 0
mirror of https://github.com/matrix-construct/construct synced 2024-11-26 08:42:34 +01:00
Code Issues Releases Wiki Activity

[TLS Backends] Allow absense of private key file

Browse source 
Use the certificate file instead
This commit is contained in:
Aaron Jones 2016-05-05 03:43:15 +00:00
parent 4d83a4d92d
commit 0fe9dd4119
No known key found for this signature in database
GPG key ID: 6E854C0FAAD4CEA4
2 changed files with 12 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
librb/src/gnutls.c
View file

@ -361,18 +361,22 @@ rb_load_file_into_datum_t(const char *file)
} }
int int
rb_setup_ssl_server(const char *cert, const char *keyfile, const char *dhfile, const char *cipher_list) rb_setup_ssl_server(const char *certfile, const char *keyfile, const char *dhfile, const char *cipher_list)
{ {
int ret; int ret;
const char *err; const char *err;
gnutls_datum_t *d_cert, *d_key; gnutls_datum_t *d_cert, *d_key;
if(cert == NULL)
if(certfile == NULL)
{ {
rb_lib_log("rb_setup_ssl_server: No certificate file"); rb_lib_log("rb_setup_ssl_server: No certificate file");
return 0; return 0;
} }
if((d_cert = rb_load_file_into_datum_t(cert)) == NULL) if(keyfile == NULL)
keyfile = certfile;
if((d_cert = rb_load_file_into_datum_t(certfile)) == NULL)
{ {
rb_lib_log("rb_setup_ssl_server: Error loading certificate: %s", strerror(errno)); rb_lib_log("rb_setup_ssl_server: Error loading certificate: %s", strerror(errno));
return 0; return 0;

13
librb/src/openssl.c
View file

@ -340,7 +340,7 @@ rb_init_ssl(void)
} }
int int
rb_setup_ssl_server(const char *cert, const char *keyfile, const char *dhfile, const char *cipher_list) rb_setup_ssl_server(const char *certfile, const char *keyfile, const char *dhfile, const char *cipher_list)
{ {
const char librb_ciphers[] = "kEECDH+HIGH:kEDH+HIGH:HIGH:!aNULL"; const char librb_ciphers[] = "kEECDH+HIGH:kEDH+HIGH:HIGH:!aNULL";
@ -348,17 +348,14 @@ rb_setup_ssl_server(const char *cert, const char *keyfile, const char *dhfile, c
const char librb_curves[] = "P-521:P-384:P-256"; const char librb_curves[] = "P-521:P-384:P-256";
#endif #endif
if(cert == NULL) if(certfile == NULL)
{ {
rb_lib_log("rb_setup_ssl_server: No certificate file"); rb_lib_log("rb_setup_ssl_server: No certificate file");
return 0; return 0;
} }
if(keyfile == NULL) if(keyfile == NULL)
{ keyfile = certfile;
rb_lib_log("rb_setup_ssl_server: No key file");
return 0;
}
if(cipher_list == NULL) if(cipher_list == NULL)
cipher_list = librb_ciphers; cipher_list = librb_ciphers;
@ -438,9 +435,9 @@ rb_setup_ssl_server(const char *cert, const char *keyfile, const char *dhfile, c
SSL_CTX_set_cipher_list(ssl_server_ctx, cipher_list); SSL_CTX_set_cipher_list(ssl_server_ctx, cipher_list);
SSL_CTX_set_cipher_list(ssl_client_ctx, cipher_list); SSL_CTX_set_cipher_list(ssl_client_ctx, cipher_list);
if(!SSL_CTX_use_certificate_chain_file(ssl_server_ctx, cert) || !SSL_CTX_use_certificate_chain_file(ssl_client_ctx, cert)) if(!SSL_CTX_use_certificate_chain_file(ssl_server_ctx, certfile) || !SSL_CTX_use_certificate_chain_file(ssl_client_ctx, certfile))
{ {
rb_lib_log("rb_setup_ssl_server: Error loading certificate file [%s]: %s", cert, rb_lib_log("rb_setup_ssl_server: Error loading certificate file [%s]: %s", certfile,
get_ssl_error(ERR_get_error())); get_ssl_error(ERR_get_error()));
return 0; return 0;
} }