Overview
Comment: | Make it possible to request client certificates. |
---|---|
SHA3-256: |
f0a40268e4eca5f1e8fd4f418b854f64 |
User & Date: | js on 2013-01-18 23:33:51 |
Context
2013-01-19
| ||
00:36 | Update copyright. check-in: 6bcaf2d54a user: js tags: trunk | |
2013-01-18
| ||
23:33 | Make it possible to request client certificates. check-in: f0a40268e4 user: js tags: trunk | |
2013-01-12
| ||
22:46 | Adjust to recent ObjFW changes. check-in: 41b938d357 user: florob@babelmonkeys.de tags: trunk | |
Changes
Modified src/SSLSocket.h from [ea5e6f0579] to [be07cf18c1].
︙ | |||
28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 | 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 | + + + + | @class X509Certificate; @interface SSLSocket: OFTCPSocket { SSL *ssl; OFString *privateKeyFile; OFString *certificateFile; BOOL requestsClientCertificates; } #ifdef OF_HAVE_PROPERTIES @property (copy) OFString *privateKeyFile; @property (copy) OFString *certificateFile; @property BOOL requestsClientCertificates; #endif - initWithSocket: (OFTCPSocket*)socket; - initWithSocket: (OFTCPSocket*)socket privateKeyFile: (OFString*)privateKeyFile certificateFile: (OFString*)certificateFile; /* Change the return type */ - (SSLSocket*)accept; - (void)setPrivateKeyFile: (OFString*)file; - (OFString*)privateKeyFile; - (void)setCertificateFile: (OFString*)file; - (OFString*)certificateFile; - (void)setRequestsClientCertificates: (BOOL)enabled; - (BOOL)requestsClientCertificates; - (OFDataArray*)channelBindingDataWithType: (OFString*)type; - (X509Certificate*)peerCertificate; - (void)verifyPeerCertificate; @end |
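Review bot: The new `requestsClientCertificates` property and its accessor pair are declared without any comment saying which socket the flag belongs on or when it is read. Going by the SSLSocket.m section, it is consulted on the listening socket inside `-accept`, so it has to be set before accepting. I would add above the ivar or the property `/* Set on the listening socket before -accept; accepted connections then ask the client for a certificate. */`. The `@interface` begins above the visible lines.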
Modified src/SSLSocket.m from [28c8d23958] to [a14da586b7].
︙ | |||
219 220 221 222 223 224 225 226 227 228 229 230 231 232 | 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 | + + + | [newSocket close]; object_setClass(newSocket, object_getClass(self)); @throw [OFAcceptFailedException exceptionWithClass: [self class] socket: self]; } if (requestsClientCertificates) SSL_set_verify(newSocket->ssl, SSL_VERIFY_PEER, NULL); SSL_set_accept_state(newSocket->ssl); if (!SSL_use_PrivateKey_file(newSocket->ssl, [privateKeyFile cStringWithEncoding: OF_STRING_ENCODING_NATIVE], SSL_FILETYPE_PEM) || !SSL_use_certificate_file(newSocket->ssl, [certificateFile cStringWithEncoding: OF_STRING_ENCODING_NATIVE], SSL_FILETYPE_PEM) || SSL_accept(newSocket->ssl) != 1) { |
︙ | |||
347 348 349 350 351 352 353 354 355 356 357 358 359 360 | 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 | + + + + + + + + + + | OF_SETTER(certificateFile, file, YES, YES) } - (OFString*)certificateFile { OF_GETTER(certificateFile, YES) } - (void)setRequestsClientCertificates: (BOOL)enabled { requestsClientCertificates = enabled; } - (BOOL)requestsClientCertificates { return requestsClientCertificates; } - (OFDataArray*)channelBindingDataWithType: (OFString*)type { size_t length; char buffer[64]; OFDataArray *data; |
︙ |
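Review bot: The `SSL_set_verify(newSocket->ssl, SSL_VERIFY_PEER, NULL)` call added in `-accept` leaves client authentication optional: without `SSL_VERIFY_FAIL_IF_NO_PEER_CERT`, a client that presents no certificate still gets through `SSL_accept`, so a server that treats every accepted connection as authenticated would be mistaken. That fits the "requests" naming, but it deserves a comment at the call, e.g. `/* Request only: a client without a certificate is still accepted, so callers must check -peerCertificate. */`. A certificate that is presented gets checked against the trust anchors of the SSL context, and where those are loaded is not visible here, so it is worth confirming they are configured. The accepted socket's own `requestsClientCertificates` ivar also does not appear to be set in this hunk, so the getter on `newSocket` would presumably return NO. `-accept` starts and ends outside the hunk.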