1 files changed, 15 insertions, 8 deletions

diff --git a/src/lib/libtls/tls_internal.h b/src/lib/libtls/tls_internal.h
index 21bf2b4613..cb5d90f542 100644
--- a/src/lib/libtls/tls_internal.h
+++ b/src/lib/libtls/tls_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_internal.h,v 1.27 2016/04/28 16:48:44 jsing Exp $ */
+/* $OpenBSD: tls_internal.h,v 1.28 2016/04/28 17:05:59 jsing Exp $ */
 /*
  * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
@@ -39,6 +39,17 @@ struct tls_error {
         int num;
 };
 
+struct tls_keypair {
+        struct tls_keypair *next;
+
+        const char *cert_file;
+        char *cert_mem;
+        size_t cert_len;
+        const char *key_file;
+        char *key_mem;
+        size_t key_len;
+};
+
 struct tls_config {
         struct tls_error error;
 
@@ -46,16 +57,11 @@ struct tls_config {
         const char *ca_path;
         char *ca_mem;
         size_t ca_len;
-        const char *cert_file;
-        char *cert_mem;
-        size_t cert_len;
         const char *ciphers;
         int ciphers_server;
         int dheparams;
         int ecdhecurve;
-        const char *key_file;
-        char *key_mem;
-        size_t key_len;
+        struct tls_keypair *keypair;
         uint32_t protocols;
         int verify_cert;
         int verify_client;
@@ -103,7 +109,8 @@ struct tls *tls_new(void);
 struct tls *tls_server_conn(struct tls *ctx);
 
 int tls_check_name(struct tls *ctx, X509 *cert, const char *servername);
-int tls_configure_keypair(struct tls *ctx, int);
+int tls_configure_keypair(struct tls *ctx, SSL_CTX *ssl_ctx,
+    struct tls_keypair *keypair, int required);
 int tls_configure_server(struct tls *ctx);
 int tls_configure_ssl(struct tls *ctx);
 int tls_configure_ssl_verify(struct tls *ctx, int verify);