Diffstat (limited to 'modules/io-tls/c++')
-rw-r--r-- | modules/io-tls/c++/tls.tmpl.hpp | 42 |
1 files changed, 35 insertions, 7 deletions
diff --git a/modules/io-tls/c++/tls.tmpl.hpp b/modules/io-tls/c++/tls.tmpl.hpp
index 46b00d4..62cfe59 100644
--- a/modules/io-tls/c++/tls.tmpl.hpp
+++ b/modules/io-tls/c++/tls.tmpl.hpp
@@ -107,9 +107,25 @@ private:
 gnutls_certificate_credentials_t xcred_;
 gnutls_session_t session_handle_;
+ std::string key_file_;
+ std::string cert_file_;
+ std::string crl_file_;
+ std::string ca_file_;
 public:
- tls_server(own<server<T>> internal__, gnutls_certificate_credentials_t xcred__):
- internal_{std::move(internal__)}
+ tls_server(
+ own<server<T>> internal__,
+ gnutls_certificate_credentials_t xcred__,
+ std::string key_f__,
+ std::string cert_f__,
+ std::string crl_f__,
+ std::string ca_f__
+ ):
+ internal_{std::move(internal__)},
+ xcred_{xcred__},
+ key_file_{std::move(key_f__)},
+ cert_file_{std::move(cert_f__)},
+ crl_file_{std::move(crl_f__)},
+ ca_file_{std::move(ca_f__)}
 {}
 ~tls_server() {
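Review bot: `session_handle_` is still missing from the constructor's initializer list, so among the members visible in this hunk it is the only handle left indeterminate after construction; a default member initializer, `gnutls_session_t session_handle_{};`, would give it a defined empty state. The destructor that begins on the hunk's last line has its body outside the hunk, so whether it reads the handle before a session exists cannot be confirmed from here. The four stored paths also have no comment saying why the server keeps them after the credentials are loaded; a short one above `key_file_`, for example `// PEM paths the credentials in xcred_ were loaded from`, would help, provided that matches the intent.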
@@ -206,17 +222,29 @@ error_or<own<server<net::Tls<T>>>> tls_network<T>::listen(network_address<net::T
 gnutls_certificate_credentials_t x509_cred;
 gnutls_certificate_allocate_credentials(&x509_cred);
- std::string OCSP_STATUS_FILE = "ocsp-status.der";
+ static std::string OCSP_STATUS_FILE = "ocsp-status.der";
+
+ std::string key_f = key_file;
+ std::string cert_f = cert_file;
+ std::string crl_f = crl_file;
+ std::string ca_f = ca_file;
- gnutls_certificate_set_x509_trust_file(x509_cred, ca_file.c_str(), GNUTLS_X509_FMT_PEM);
- gnutls_certificate_set_x509_crl_file(x509_cred, crl_file.c_str(), GNUTLS_X509_FMT_PEM);
- gnutls_certificate_set_x509_key_file(x509_cred, cert_file.c_str(), key_file.c_str(), GNUTLS_X509_FMT_PEM);
+ gnutls_certificate_set_x509_trust_file(x509_cred, ca_f.c_str(), GNUTLS_X509_FMT_PEM);
+ gnutls_certificate_set_x509_crl_file(x509_cred, crl_f.c_str(), GNUTLS_X509_FMT_PEM);
+ gnutls_certificate_set_x509_key_file(x509_cred, cert_f.c_str(), key_f.c_str(), GNUTLS_X509_FMT_PEM);
 gnutls_certificate_set_ocsp_status_request_file(x509_cred, OCSP_STATUS_FILE.c_str(), 0);
 auto int_srv = internal_().listen(address.get_handle());
- own<server<net::Tls<T>>> tls_srv = heap<tls_server<T>>(std::move(int_srv), x509_cred, key_file, cert_file, crl_file, ca_file);
+ own<server<net::Tls<T>>> tls_srv = heap<tls_server<T>>(
+ std::move(int_srv),
+ x509_cred,
+ std::move(key_f),
+ std::move(cert_f),
+ std::move(crl_f),
+ std::move(ca_f)
+ );
 return tls_srv;
 } |
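Review bot: The three `gnutls_certificate_set_x509_*_file` calls in `listen` still discard their return values, so a missing or unreadable CA, CRL or key file goes unnoticed and the function carries on to listen and build the `tls_server` with incomplete credentials. Each call returns a negative code on failure and `listen` already returns `error_or`, so the failure can be reported and `x509_cred` released before returning. The same holds for `gnutls_certificate_allocate_credentials` and the OCSP status call. `OCSP_STATUS_FILE` is a relative path, so it resolves against the process working directory. The start of `listen` lies outside the hunk, and how this project builds an error value is not visible, so the sketch below leaves that line as a comment.

```cpp
// … unchanged: credential allocation, OCSP_STATUS_FILE, path copies …
int rc = gnutls_certificate_set_x509_trust_file(x509_cred, ca_f.c_str(), GNUTLS_X509_FMT_PEM);
if (rc >= 0) {
	rc = gnutls_certificate_set_x509_crl_file(x509_cred, crl_f.c_str(), GNUTLS_X509_FMT_PEM);
}
if (rc >= 0) {
	rc = gnutls_certificate_set_x509_key_file(x509_cred, cert_f.c_str(), key_f.c_str(), GNUTLS_X509_FMT_PEM);
}
if (rc < 0) {
	// Fail closed: do not listen with a partial trust store, CRL or key pair.
	gnutls_certificate_free_credentials(x509_cred);
	// return the project's error value here; gnutls_strerror(rc) supplies the message text
}
// … unchanged: OCSP status request file, internal listen, tls_server construction …
```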