Implement setting the private key and certificate.
This commit is contained in:
parent
6e5b389529
commit
d8095cf714
2 changed files with 55 additions and 6 deletions
|
|
@ -5,10 +5,20 @@
|
|||
@interface SSLSocket: OFTCPSocket
|
||||
{
|
||||
SSL *ssl;
|
||||
OFString *privateKeyFile;
|
||||
OFString *certificateFile;
|
||||
}
|
||||
|
||||
- initWithSocket: (OFTCPSocket*)socket;
|
||||
#ifdef OF_HAVE_PROPERTIES
|
||||
@property (copy) OFString *privateKeyFile;
|
||||
@property (copy) OFString *certificateFile;
|
||||
#endif
|
||||
|
||||
- initWithSocket: (OFTCPSocket*)socket;
|
||||
/* Change the return type */
|
||||
- (SSLSocket*)accept;
|
||||
- (void)setPrivateKeyFile: (OFString*)file;
|
||||
- (OFString*)privateKeyFile;
|
||||
- (void)setCertificateFile: (OFString*)file;
|
||||
- (OFString*)certificateFile;
|
||||
@end
|
||||
|
|
|
|||
|
|
@ -75,6 +75,9 @@ static SSL_CTX *ctx;
|
|||
SSL_CTX *ctx_ = ctx;
|
||||
SSL *ssl_ = ssl;
|
||||
|
||||
[privateKeyFile release];
|
||||
[certificateFile release];
|
||||
|
||||
[super dealloc];
|
||||
|
||||
if (ssl_ != NULL)
|
||||
|
|
@ -112,16 +115,28 @@ static SSL_CTX *ctx;
|
|||
{
|
||||
SSLSocket *newsock = (SSLSocket*)[super accept];
|
||||
|
||||
if ((ssl = SSL_new(ctx)) == NULL || !SSL_set_fd(ssl, sock)) {
|
||||
[super close];
|
||||
if ((newsock->ssl = SSL_new(ctx)) == NULL ||
|
||||
!SSL_set_fd(newsock->ssl, newsock->sock)) {
|
||||
/* We only want to close the OFTCPSocket */
|
||||
newsock->isa = [OFTCPSocket class];
|
||||
[newsock close];
|
||||
newsock->isa = isa;
|
||||
|
||||
@throw [OFAcceptFailedException newWithClass: isa
|
||||
socket: self];
|
||||
}
|
||||
|
||||
SSL_set_accept_state(ssl);
|
||||
SSL_set_accept_state(newsock->ssl);
|
||||
|
||||
if (!SSL_use_PrivateKey_file(newsock->ssl, [privateKeyFile cString],
|
||||
SSL_FILETYPE_PEM) || !SSL_use_certificate_file(newsock->ssl,
|
||||
[certificateFile cString], SSL_FILETYPE_PEM) ||
|
||||
SSL_accept(newsock->ssl) != 1) {
|
||||
/* We only want to close the OFTCPSocket */
|
||||
newsock->isa = [OFTCPSocket class];
|
||||
[newsock close];
|
||||
newsock->isa = isa;
|
||||
|
||||
if (SSL_connect(ssl) != 1) {
|
||||
[super close];
|
||||
@throw [OFAcceptFailedException newWithClass: isa
|
||||
socket: self];
|
||||
}
|
||||
|
|
@ -209,4 +224,28 @@ static SSL_CTX *ctx;
|
|||
|
||||
return ret;
|
||||
}
|
||||
|
||||
- (void)setPrivateKeyFile: (OFString*)file
|
||||
{
|
||||
OFString *old = privateKeyFile;
|
||||
privateKeyFile = [file copy];
|
||||
[old release];
|
||||
}
|
||||
|
||||
- (OFString*)privateKeyFile
|
||||
{
|
||||
return [[privateKeyFile copy] autorelease];
|
||||
}
|
||||
|
||||
- (void)setCertificateFile: (OFString*)file
|
||||
{
|
||||
OFString *old = certificateFile;
|
||||
certificateFile = [file copy];
|
||||
[old release];
|
||||
}
|
||||
|
||||
- (OFString*)certificateFile
|
||||
{
|
||||
return [[certificateFile copy] autorelease];
|
||||
}
|
||||
@end
|
||||
|
|
|
|||
Reference in a new issue