Factor our the keypair handling in libtls. This results in more readable

and self-contained code, while preparing for the ability to handle multiple keypairs. Also provide two additional functions that allow a public certificate and private key to be set with a single function call. ok beck@
author: jsing <> 2016-04-28 17:05:59 +0000
committer: jsing <> 2016-04-28 17:05:59 +0000
commit: f4470c187e09c2ca1bfcf671080ac97b7fc86df2 (patch)
tree: 046b15c71afb290bae07f4b238cfdc296f78ca6b /src/lib/libtls/tls_server.c
parent: 2666540eb58ec0e76b541248bed9d159e6a2ccea (diff)
download: openbsd-f4470c187e09c2ca1bfcf671080ac97b7fc86df2.tar.gz
openbsd-f4470c187e09c2ca1bfcf671080ac97b7fc86df2.tar.bz2
openbsd-f4470c187e09c2ca1bfcf671080ac97b7fc86df2.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libtls/tls_server.c b/src/lib/libtls/tls_server.c
index ad98cf3d7e..1d94c99bc0 100644
--- a/src/lib/libtls/tls_server.c
+++ b/src/lib/libtls/tls_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_server.c,v 1.18 2015/09/29 10:17:04 deraadt Exp $ */
+/* $OpenBSD: tls_server.c,v 1.19 2016/04/28 17:05:59 jsing Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -61,7 +61,7 @@ tls_configure_server(struct tls *ctx)
        if (tls_configure_ssl(ctx) != 0)
                goto err;
-        if (tls_configure_keypair(ctx, 1) != 0)
+        if (tls_configure_keypair(ctx, ctx->ssl_ctx, ctx->config->keypair, 1) != 0)
                goto err;
        if (ctx->config->verify_client != 0) {
                int verify = SSL_VERIFY_PEER;
author	jsing <>	2016-04-28 17:05:59 +0000
committer	jsing <>	2016-04-28 17:05:59 +0000
commit	f4470c187e09c2ca1bfcf671080ac97b7fc86df2 (patch)
tree	046b15c71afb290bae07f4b238cfdc296f78ca6b /src/lib/libtls/tls_server.c
parent	2666540eb58ec0e76b541248bed9d159e6a2ccea (diff)
download	openbsd-f4470c187e09c2ca1bfcf671080ac97b7fc86df2.tar.gz openbsd-f4470c187e09c2ca1bfcf671080ac97b7fc86df2.tar.bz2 openbsd-f4470c187e09c2ca1bfcf671080ac97b7fc86df2.zip

diff --git a/src/lib/libtls/tls_server.c b/src/lib/libtls/tls_server.c index ad98cf3d7e..1d94c99bc0 100644 --- a/src/lib/libtls/tls_server.c +++ b/src/lib/libtls/tls_server.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls_server.c,v 1.18 2015/09/29 10:17:04 deraadt Exp $ */	1	/* $OpenBSD: tls_server.c,v 1.19 2016/04/28 17:05:59 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -61,7 +61,7 @@ tls_configure_server(struct tls *ctx)
61		61
62	if (tls_configure_ssl(ctx) != 0)	62	if (tls_configure_ssl(ctx) != 0)
63	goto err;	63	goto err;
64	if (tls_configure_keypair(ctx, 1) != 0)	64	if (tls_configure_keypair(ctx, ctx->ssl_ctx, ctx->config->keypair, 1) != 0)
65	goto err;	65	goto err;
66	if (ctx->config->verify_client != 0) {	66	if (ctx->config->verify_client != 0) {
67	int verify = SSL_VERIFY_PEER;	67	int verify = SSL_VERIFY_PEER;