|
|
|
@ -809,7 +809,9 @@ int _sxhub_settls_ctx(sxhub_t *hub, const char *crtfile)
|
|
|
|
|
|
|
|
|
|
int _sxhub_settls_ctx_s(sxhub_t *hub)
|
|
|
|
|
{
|
|
|
|
|
if(hub->ctx) return SXE_SUCCESS;
|
|
|
|
|
int r = SXE_SUCCESS;
|
|
|
|
|
|
|
|
|
|
if(hub->ctx) return r;
|
|
|
|
|
|
|
|
|
|
/* init SSL certificates and context */
|
|
|
|
|
if(!(hub->ctx = SSL_CTX_new(TLSv1_2_server_method()))) return SXE_ENOMEM;
|
|
|
|
@ -828,11 +830,23 @@ int _sxhub_settls_ctx_s(sxhub_t *hub)
|
|
|
|
|
SSL_CTX_load_verify_locations(hub->ctx, hub->rootca, NULL);
|
|
|
|
|
|
|
|
|
|
/* set the local certificate from CertFile */
|
|
|
|
|
if(SSL_CTX_use_certificate_file(hub->ctx, hub->certpem, SSL_FILETYPE_PEM) <= 0) return SXE_ESSL;
|
|
|
|
|
if(SSL_CTX_use_certificate_file(hub->ctx, hub->certpem, SSL_FILETYPE_PEM) <= 0) {
|
|
|
|
|
r = SXE_ESSL;
|
|
|
|
|
goto __finish;
|
|
|
|
|
}
|
|
|
|
|
/* set the private key from KeyFile (may be the same as CertFile) */
|
|
|
|
|
if(SSL_CTX_use_PrivateKey_file(hub->ctx, hub->certkey, SSL_FILETYPE_PEM) <= 0) return SXE_ESSL;
|
|
|
|
|
if(SSL_CTX_use_PrivateKey_file(hub->ctx, hub->certkey, SSL_FILETYPE_PEM) <= 0) {
|
|
|
|
|
r = SXE_ESSL;
|
|
|
|
|
goto __finish;
|
|
|
|
|
}
|
|
|
|
|
/* verify private key */
|
|
|
|
|
if (!SSL_CTX_check_private_key(hub->ctx)) return SXE_ESSL;
|
|
|
|
|
if (!SSL_CTX_check_private_key(hub->ctx)) r = SXE_ESSL;
|
|
|
|
|
|
|
|
|
|
return SXE_SUCCESS;
|
|
|
|
|
__finish:
|
|
|
|
|
if(r != SXE_SUCCESS) {
|
|
|
|
|
SSL_CTX_free(hub->ctx);
|
|
|
|
|
hub->ctx = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return r;
|
|
|
|
|
}
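Review bot: The `SSL_CTX_load_verify_locations(hub->ctx, hub->rootca, NULL)` call at the top of the second hunk still discards its result, so if the root CA file is missing or unreadable while the certificate and key load fine, a context with no trust anchors is cached in `hub->ctx` and every later call returns success through the `if(hub->ctx)` early exit. Now that the `__finish` path exists the call can use it: `if(SSL_CTX_load_verify_locations(hub->ctx, hub->rootca, NULL) != 1) { r = SXE_ESSL; goto __finish; }`, guarded on `hub->rootca` being set if the root CA is optional here. The lines between the two hunks are not shown; any plain `return` left there after `SSL_CTX_new` would bypass the new cleanup in the same way. A comment above `__finish:` such as `/* on failure drop the half-configured context so the next call rebuilds it */` would record why the pointer is reset.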
|
|
|
|
|