1 files changed, 57 insertions, 1 deletions
diff --git a/src/lib/libtls/tls_config.c b/src/lib/libtls/tls_config.c
index 0d52704aa8..c07621acaf 100644
--- a/src/lib/libtls/tls_config.c
+++ b/src/lib/libtls/tls_config.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_config.c,v 1.27 2016/08/13 13:15:53 jsing Exp $ */
+/* $OpenBSD: tls_config.c,v 1.28 2016/08/22 14:55:59 jsing Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -227,6 +227,18 @@ tls_config_free(struct tls_config *config)
        free(config);
 }
+static void
+tls_config_keypair_add(struct tls_config *config, struct tls_keypair *keypair)
+{
+        struct tls_keypair *kp;
+        kp = config->keypair;
+        while (kp->next != NULL)
+                kp = kp->next;
+        kp->next = keypair;
+}
 const char *
 tls_config_error(struct tls_config *config)
 {
@@ -370,6 +382,50 @@ tls_config_set_alpn(struct tls_config *config, const char *alpn)
 }
 int
+tls_config_add_keypair_file(struct tls_config *config,
+    const char *cert_file, const char *key_file)
+{
+        struct tls_keypair *keypair;
+        if ((keypair = tls_keypair_new()) == NULL)
+                return (-1);
+        if (tls_keypair_set_cert_file(keypair, &config->error, cert_file) != 0)
+                goto err;
+        if (tls_keypair_set_key_file(keypair, &config->error, key_file) != 0)
+                goto err;
+        tls_config_keypair_add(config, keypair);
+        return (0);
+ err:
+        tls_keypair_free(keypair);
+        return (-1);
+}
+int
+tls_config_add_keypair_mem(struct tls_config *config, const uint8_t *cert,
+    size_t cert_len, const uint8_t *key, size_t key_len)
+{
+        struct tls_keypair *keypair;
+        if ((keypair = tls_keypair_new()) == NULL)
+                return (-1);
+        if (tls_keypair_set_cert_mem(keypair, cert, cert_len) != 0)
+                goto err;
+        if (tls_keypair_set_key_mem(keypair, key, key_len) != 0)
+                goto err;
+        tls_config_keypair_add(config, keypair);
+        return (0);
+ err:
+        tls_keypair_free(keypair);
+        return (-1);
+}
+int
 tls_config_set_ca_file(struct tls_config *config, const char *ca_file)
 {
        return tls_config_load_file(&config->error, "CA", ca_file,

diff --git a/src/lib/libtls/tls_config.c b/src/lib/libtls/tls_config.c index 0d52704aa8..c07621acaf 100644 --- a/src/lib/libtls/tls_config.c +++ b/src/lib/libtls/tls_config.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls_config.c,v 1.27 2016/08/13 13:15:53 jsing Exp $ */	1	/* $OpenBSD: tls_config.c,v 1.28 2016/08/22 14:55:59 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -227,6 +227,18 @@ tls_config_free(struct tls_config *config)
227	free(config);	227	free(config);
228	}	228	}
229		229
		230	static void
		231	tls_config_keypair_add(struct tls_config config, struct tls_keypair keypair)
		232	{
		233	struct tls_keypair *kp;
		234
		235	kp = config->keypair;
		236	while (kp->next != NULL)
		237	kp = kp->next;
		238
		239	kp->next = keypair;
		240	}
		241
230	const char *	242	const char *
231	tls_config_error(struct tls_config *config)	243	tls_config_error(struct tls_config *config)
232	{	244	{
@@ -370,6 +382,50 @@ tls_config_set_alpn(struct tls_config config, const char alpn)
370	}	382	}
371		383
372	int	384	int
		385	tls_config_add_keypair_file(struct tls_config *config,
		386	const char cert_file, const char key_file)
		387	{
		388	struct tls_keypair *keypair;
		389
		390	if ((keypair = tls_keypair_new()) == NULL)
		391	return (-1);
		392	if (tls_keypair_set_cert_file(keypair, &config->error, cert_file) != 0)
		393	goto err;
		394	if (tls_keypair_set_key_file(keypair, &config->error, key_file) != 0)
		395	goto err;
		396
		397	tls_config_keypair_add(config, keypair);
		398
		399	return (0);
		400
		401	err:
		402	tls_keypair_free(keypair);
		403	return (-1);
		404	}
		405
		406	int
		407	tls_config_add_keypair_mem(struct tls_config config, const uint8_t cert,
		408	size_t cert_len, const uint8_t *key, size_t key_len)
		409	{
		410	struct tls_keypair *keypair;
		411
		412	if ((keypair = tls_keypair_new()) == NULL)
		413	return (-1);
		414	if (tls_keypair_set_cert_mem(keypair, cert, cert_len) != 0)
		415	goto err;
		416	if (tls_keypair_set_key_mem(keypair, key, key_len) != 0)
		417	goto err;
		418
		419	tls_config_keypair_add(config, keypair);
		420
		421	return (0);
		422
		423	err:
		424	tls_keypair_free(keypair);
		425	return (-1);
		426	}
		427
		428	int
373	tls_config_set_ca_file(struct tls_config config, const char ca_file)	429	tls_config_set_ca_file(struct tls_config config, const char ca_file)
374	{	430	{
375	return tls_config_load_file(&config->error, "CA", ca_file,	431	return tls_config_load_file(&config->error, "CA", ca_file,