ObjFW/ObjOpenSSL
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Implement setting the private key and certificate.

Browse source
This commit is contained in:
Jonathan Schleifer 2011-03-29 00:23:32 +02:00
parent 6e5b389529
commit d8095cf714
2 changed files with 55 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

12
src/SSLSocket.h
View file

@ -5,10 +5,20 @@
@interface SSLSocket: OFTCPSocket @interface SSLSocket: OFTCPSocket
{ {
SSL *ssl; SSL *ssl;
OFString *privateKeyFile;
OFString *certificateFile;
} }
- initWithSocket: (OFTCPSocket*)socket; #ifdef OF_HAVE_PROPERTIES
@property (copy) OFString *privateKeyFile;
@property (copy) OFString *certificateFile;
#endif
- initWithSocket: (OFTCPSocket*)socket;
/* Change the return type */ /* Change the return type */
- (SSLSocket*)accept; - (SSLSocket*)accept;
- (void)setPrivateKeyFile: (OFString*)file;
- (OFString*)privateKeyFile;
- (void)setCertificateFile: (OFString*)file;
- (OFString*)certificateFile;
@end @end

49
src/SSLSocket.m
View file

@ -75,6 +75,9 @@ static SSL_CTX *ctx;
SSL_CTX *ctx_ = ctx; SSL_CTX *ctx_ = ctx;
SSL *ssl_ = ssl; SSL *ssl_ = ssl;
[privateKeyFile release];
[certificateFile release];
[super dealloc]; [super dealloc];
if (ssl_ != NULL) if (ssl_ != NULL)
@ -112,16 +115,28 @@ static SSL_CTX *ctx;
{ {
SSLSocket *newsock = (SSLSocket*)[super accept]; SSLSocket *newsock = (SSLSocket*)[super accept];
if ((ssl = SSL_new(ctx)) == NULL || !SSL_set_fd(ssl, sock)) { if ((newsock->ssl = SSL_new(ctx)) == NULL ||
[super close]; !SSL_set_fd(newsock->ssl, newsock->sock)) {
/* We only want to close the OFTCPSocket */
newsock->isa = [OFTCPSocket class];
[newsock close];
newsock->isa = isa;
@throw [OFAcceptFailedException newWithClass: isa @throw [OFAcceptFailedException newWithClass: isa
socket: self]; socket: self];
} }
SSL_set_accept_state(ssl); SSL_set_accept_state(newsock->ssl);
if (!SSL_use_PrivateKey_file(newsock->ssl, [privateKeyFile cString],
SSL_FILETYPE_PEM) || !SSL_use_certificate_file(newsock->ssl,
[certificateFile cString], SSL_FILETYPE_PEM) ||
SSL_accept(newsock->ssl) != 1) {
/* We only want to close the OFTCPSocket */
newsock->isa = [OFTCPSocket class];
[newsock close];
newsock->isa = isa;
if (SSL_connect(ssl) != 1) {
[super close];
@throw [OFAcceptFailedException newWithClass: isa @throw [OFAcceptFailedException newWithClass: isa
socket: self]; socket: self];
} }
@ -209,4 +224,28 @@ static SSL_CTX *ctx;
return ret; return ret;
} }
- (void)setPrivateKeyFile: (OFString*)file
{
OFString *old = privateKeyFile;
privateKeyFile = [file copy];
[old release];
}
- (OFString*)privateKeyFile
{
return [[privateKeyFile copy] autorelease];
}
- (void)setCertificateFile: (OFString*)file
{
OFString *old = certificateFile;
certificateFile = [file copy];
[old release];
}
- (OFString*)certificateFile
{
return [[certificateFile copy] autorelease];
}
@end @end