Allow to to load the CA chain directly from memory instead of

specifying a file. This enables CA verification in privsep'ed processes that are running chroot'ed without direct access to the certificate files. With feedback, tests, and OK from bluhm@
author: reyk <> 2015-01-22 09:16:24 +0000
committer: reyk <> 2015-01-22 09:16:24 +0000
commit: 138944aeef27fb00df60db6f46ef653726b4ca5a (patch)
tree: 0cd70582ac032f525e31a6921611469898b556c3 /src/lib/libtls/tls_internal.h
parent: d0ef2b563d4291f81a8f9ed7cd02bdfbaa8cc5f4 (diff)
download: openbsd-138944aeef27fb00df60db6f46ef653726b4ca5a.tar.gz
openbsd-138944aeef27fb00df60db6f46ef653726b4ca5a.tar.bz2
openbsd-138944aeef27fb00df60db6f46ef653726b4ca5a.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/src/lib/libtls/tls_internal.h b/src/lib/libtls/tls_internal.h
index 1a2bd388b7..9a1a180e0b 100644
--- a/src/lib/libtls/tls_internal.h
+++ b/src/lib/libtls/tls_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_internal.h,v 1.6 2015/01/13 17:35:35 bluhm Exp $ */
+/* $OpenBSD: tls_internal.h,v 1.7 2015/01/22 09:16:24 reyk Exp $ */
 /*
 * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
@@ -28,6 +28,8 @@
 struct tls_config {
        const char *ca_file;
        const char *ca_path;
+        char *ca_mem;
+        size_t ca_len;
        const char *cert_file;
        char *cert_mem;
        size_t cert_len;
author	reyk <>	2015-01-22 09:16:24 +0000
committer	reyk <>	2015-01-22 09:16:24 +0000
commit	138944aeef27fb00df60db6f46ef653726b4ca5a (patch)
tree	0cd70582ac032f525e31a6921611469898b556c3 /src/lib/libtls/tls_internal.h
parent	d0ef2b563d4291f81a8f9ed7cd02bdfbaa8cc5f4 (diff)
download	openbsd-138944aeef27fb00df60db6f46ef653726b4ca5a.tar.gz openbsd-138944aeef27fb00df60db6f46ef653726b4ca5a.tar.bz2 openbsd-138944aeef27fb00df60db6f46ef653726b4ca5a.zip