diff options
| author | Claudius 'keldu' Holeksa <mail@keldu.de> | 2024-10-19 18:41:26 +0200 |
|---|---|---|
| committer | Claudius 'keldu' Holeksa <mail@keldu.de> | 2024-10-19 18:41:26 +0200 |
| commit | ab8371327296d3435308b21b463fbdb4569d8763 (patch) | |
| tree | df1856a6b3e2cbb110bf2f6869289c3930a8c412 /modules/io-tls/c++/tls.tmpl.hpp | |
| parent | 7ea851ddceafb03a6a789451063c0158f2df25a7 (diff) | |
Preparing for tls server example
Diffstat (limited to 'modules/io-tls/c++/tls.tmpl.hpp')
| -rw-r--r-- | modules/io-tls/c++/tls.tmpl.hpp | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/modules/io-tls/c++/tls.tmpl.hpp b/modules/io-tls/c++/tls.tmpl.hpp index 8c2ba83..46b00d4 100644 --- a/modules/io-tls/c++/tls.tmpl.hpp +++ b/modules/io-tls/c++/tls.tmpl.hpp @@ -134,7 +134,9 @@ public: return make_error<err::not_implemented>(); } - error_or<own<server<net::Tls<T>>>> listen(network_address<net::Tls<T>>& address) override; + error_or<own<server<net::Tls<T>>>> listen(network_address<net::Tls<T>>& address, + const std::string& key_file, const std::string& cert_file, const std::string& crl_file, const std::string& ca_file + ) override; conveyor<own<io_stream<net::Tls<T>>>> connect(network_address<net::Tls<T>>& address) override; }; @@ -198,25 +200,23 @@ public: } template<typename T> -error_or<own<server<net::Tls<T>>>> tls_network<T>::listen(network_address<net::Tls<T>>& address) { +error_or<own<server<net::Tls<T>>>> tls_network<T>::listen(network_address<net::Tls<T>>& address, + const std::string& key_file, const std::string& cert_file, const std::string& crl_file, const std::string& ca_file + ) { gnutls_certificate_credentials_t x509_cred; gnutls_certificate_allocate_credentials(&x509_cred); - std::string KEYFILE = "key.pem"; - std::string CERTFILE = "cert.pem"; - std::string CAFILE = "/etc/ssl/certs/ca-certificates.crt"; - std::string CRLFILE = "crl.pem"; std::string OCSP_STATUS_FILE = "ocsp-status.der"; - gnutls_certificate_set_x509_trust_file(x509_cred, CAFILE.c_str(), GNUTLS_X509_FMT_PEM); - gnutls_certificate_set_x509_crl_file(x509_cred, CRLFILE.c_str(), GNUTLS_X509_FMT_PEM); - gnutls_certificate_set_x509_key_file(x509_cred, CERTFILE.c_str(), KEYFILE.c_str(), GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_trust_file(x509_cred, ca_file.c_str(), GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_crl_file(x509_cred, crl_file.c_str(), GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_file(x509_cred, cert_file.c_str(), key_file.c_str(), GNUTLS_X509_FMT_PEM); gnutls_certificate_set_ocsp_status_request_file(x509_cred, OCSP_STATUS_FILE.c_str(), 0); auto int_srv = internal_().listen(address.get_handle()); - own<server<net::Tls<T>>> tls_srv = heap<tls_server<T>>(std::move(int_srv), x509_cred); + own<server<net::Tls<T>>> tls_srv = heap<tls_server<T>>(std::move(int_srv), x509_cred, key_file, cert_file, crl_file, ca_file); return tls_srv; } |