allow certificates to be loaded for STARTTLS

SVN revision: 66000
2011-12-07 23:36:15 +00:00 · 2011-12-07 23:36:15 +00:00 · f0e4cb8e79
parent a200550466
commit f0e4cb8e79
3 changed files with 42 additions and 2 deletions
--- a/legacy/ecore/ChangeLog
+++ b/legacy/ecore/ChangeLog
@ -384,3 +384,7 @@
 2011-12-05 Mike Blumenkrantz

        * added ecore_con_socks api
+
+2011-12-07 Mike Blumenkrantz
+
+        * Allow SSL certificates to be loaded for STARTTLS
--- a/legacy/ecore/NEWS
+++ b/legacy/ecore/NEWS
@ -14,6 +14,8 @@ Additions:
 Improvements:
    * ecore:
     - most allocations moved to mempools
+    * ecore_con:
+     - certificates can now be added for STARTTTLS
    * ecore_win32:
     - fix modifiers value on Windows XP

--- a/legacy/ecore/src/lib/ecore_con/ecore_con_ssl.c
+++ b/legacy/ecore/src/lib/ecore_con/ecore_con_ssl.c
@ -375,6 +375,14 @@ ecore_con_ssl_server_cert_add(Ecore_Con_Server *svr,
        return EINA_FALSE;
     }

+   if (!svr->ssl_prepared)
+     {
+        svr->use_cert = EINA_TRUE;
+        svr->type |= ECORE_CON_USE_MIXED | ECORE_CON_LOAD_CERT;
+        if (ecore_con_ssl_server_prepare(svr, svr->type & ECORE_CON_SSL))
+          return EINA_FALSE;
+     }
+
   return SSL_SUFFIX(_ecore_con_ssl_server_cert_add) (svr, cert);
 }

@ -398,6 +406,14 @@ ecore_con_ssl_server_cafile_add(Ecore_Con_Server *svr,
        return EINA_FALSE;
     }

+   if (!svr->ssl_prepared)
+     {
+        svr->use_cert = EINA_TRUE;
+        svr->type |= ECORE_CON_USE_MIXED | ECORE_CON_LOAD_CERT;
+        if (ecore_con_ssl_server_prepare(svr, svr->type & ECORE_CON_SSL))
+          return EINA_FALSE;
+     }
+
   return SSL_SUFFIX(_ecore_con_ssl_server_cafile_add) (svr, ca_file);
 }

@ -422,6 +438,14 @@ ecore_con_ssl_server_privkey_add(Ecore_Con_Server *svr,
        return EINA_FALSE;
     }

+   if (!svr->ssl_prepared)
+     {
+        svr->use_cert = EINA_TRUE;
+        svr->type |= ECORE_CON_USE_MIXED | ECORE_CON_LOAD_CERT;
+        if (ecore_con_ssl_server_prepare(svr, svr->type & ECORE_CON_SSL))
+          return EINA_FALSE;
+     }
+
   return SSL_SUFFIX(_ecore_con_ssl_server_privkey_add) (svr, key_file);
 }

@ -446,6 +470,14 @@ ecore_con_ssl_server_crl_add(Ecore_Con_Server *svr,
        return EINA_FALSE;
     }

+   if (!svr->ssl_prepared)
+     {
+        svr->use_cert = EINA_TRUE;
+        svr->type |= ECORE_CON_USE_MIXED | ECORE_CON_LOAD_CERT;
+        if (ecore_con_ssl_server_prepare(svr, svr->type & ECORE_CON_SSL))
+          return EINA_FALSE;
+     }
+
   return SSL_SUFFIX(_ecore_con_ssl_server_crl_add) (svr, crl_file);
 }

@ -480,7 +512,8 @@ ecore_con_ssl_server_upgrade(Ecore_Con_Server *svr, Ecore_Con_Type ssl_type)
        if (ecore_con_ssl_server_prepare(svr, ssl_type))
          return EINA_FALSE;
     }
-   svr->type |= ssl_type;
+   if (!svr->use_cert)
+     svr->type |= ssl_type;
   svr->upgrade = EINA_TRUE;
   svr->handshaking = EINA_TRUE;
   svr->ssl_state = ECORE_CON_SSL_STATE_INIT;
@ -517,7 +550,8 @@ ecore_con_ssl_client_upgrade(Ecore_Con_Client *cl, Ecore_Con_Type ssl_type)
        if (ecore_con_ssl_server_prepare(cl->host_server, ssl_type))
          return EINA_FALSE;
     }
-   cl->host_server->type |= ssl_type;
+   if (!cl->host_server->use_cert)
+     cl->host_server->type |= ssl_type;
   cl->upgrade = EINA_TRUE;
   cl->host_server->upgrade = EINA_TRUE;
   cl->handshaking = EINA_TRUE;