Add SSL_CTX_add_client_CA on OpenSSL

Andy Caldwell 2019-05-13 15:07:46 +01:00
parent 6686092edf
commit 628c3b338a
No known key found for this signature in database
GPG Key ID: D4204541AC1D228D
2 changed files with 20 additions and 0 deletions


@ -1093,6 +1093,9 @@ extern "C" {
pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME); pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME);
#[cfg(not(libressl))]
pub fn SSL_CTX_add_client_CA(ctx: *mut SSL_CTX, cacert: *mut X509) -> c_int;
pub fn SSL_CTX_set_default_verify_paths(ctx: *mut SSL_CTX) -> c_int; pub fn SSL_CTX_set_default_verify_paths(ctx: *mut SSL_CTX) -> c_int;
pub fn SSL_CTX_load_verify_locations( pub fn SSL_CTX_load_verify_locations(
ctx: *mut SSL_CTX, ctx: *mut SSL_CTX,


@ -870,6 +870,23 @@ impl SslContextBuilder {
} }
} }
/// Add the provided CA certificate to the list sent by the server to the client when
/// requesting client-side TLS authentication.
///
/// This corresponds to [`SSL_CTX_add_client_CA`].
///
/// [`SSL_CTX_add_client_CA`]: https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_set_client_CA_list.html
#[cfg(not(libressl))]
pub fn add_client_ca(&mut self, cacert: &mut X509) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::SSL_CTX_add_client_CA(
self.as_ptr(),
cacert.as_ptr()
))
.map(|_| ())
}
}
/// Set the context identifier for sessions. /// Set the context identifier for sessions.
/// ///
/// This value identifies the server's session cache to clients, telling them when they're /// This value identifies the server's session cache to clients, telling them when they're
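Review bot: The doc comment on `add_client_ca` should state that the call only adds the certificate's subject name to the CA list advertised in the server's certificate request, and does not make that CA trusted for verifying client certificates. Verification still depends on the trust store and verify mode configured separately, so I would add a line such as `/// This does not add the certificate to the verification store; load the CA there as well if client certificates must chain to it.` Separately, `cacert: &mut X509` is stricter than the call needs, because OpenSSL copies the name and the wrapper does not retain the certificate. Taking `cacert: &X509Ref` would let callers pass a shared borrow. The `#[cfg(not(libressl))]` gate would also benefit from a one-line comment saying why LibreSSL is excluded.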