From 78f1b94786e7a88c2465b014db9000aae8825054 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Mon, 4 Aug 2014 15:58:29 +0000
Subject: Provide a utility function for loading a private/public keypair.

---
 src/lib/libressl/ressl.c          | 20 ++++++++++++++++++++
 src/lib/libressl/ressl_internal.h |  1 +
 2 files changed, 21 insertions(+)

(limited to 'src/lib')

diff --git a/src/lib/libressl/ressl.c b/src/lib/libressl/ressl.c
index e014d3e572..44a8a19421 100644
--- a/src/lib/libressl/ressl.c
+++ b/src/lib/libressl/ressl.c
@@ -90,6 +90,26 @@ ressl_configure(struct ressl *ctx, struct ressl_config *config)
 	return (0);
 }
 
+int
+ressl_configure_keypair(struct ressl *ctx)
+{
+	if (SSL_CTX_use_certificate_file(ctx->ssl_ctx, ctx->config->cert_file,
+	    SSL_FILETYPE_PEM) != 1) {
+		ressl_set_error(ctx, "failed to load certificate");
+		return (1);
+	}
+	if (SSL_CTX_use_PrivateKey_file(ctx->ssl_ctx, ctx->config->key_file,
+	    SSL_FILETYPE_PEM) != 1) {
+		ressl_set_error(ctx, "failed to load private key");
+		return (1);
+	}
+	if (SSL_CTX_check_private_key(ctx->ssl_ctx) != 1) {
+		ressl_set_error(ctx, "private/public key mismatch");
+		return (1);
+	}
+	return (0);
+}
+
 void
 ressl_free(struct ressl *ctx)
 {
diff --git a/src/lib/libressl/ressl_internal.h b/src/lib/libressl/ressl_internal.h
index c33d4cff2e..0b6a58bf2d 100644
--- a/src/lib/libressl/ressl_internal.h
+++ b/src/lib/libressl/ressl_internal.h
@@ -53,6 +53,7 @@ struct ressl {
 struct ressl *ressl_new(void);
 
 int ressl_check_hostname(X509 *cert, const char *host);
+int ressl_configure_keypair(struct ressl *ctx);
 int ressl_host_port(const char *hostport, char **host, char **port);
 int ressl_set_error(struct ressl *ctx, char *fmt, ...);
 
-- 
cgit v1.2.3-55-g6feb