about summary refs log tree commit diff stats
path: root/WWW/Library/Implementation
diff options
context:
space:
mode:
Diffstat (limited to 'WWW/Library/Implementation')
-rw-r--r--WWW/Library/Implementation/HTTP.c27
-rw-r--r--WWW/Library/Implementation/tidy_tls.h7
2 files changed, 32 insertions, 2 deletions
diff --git a/WWW/Library/Implementation/HTTP.c b/WWW/Library/Implementation/HTTP.c
index 86846add..6dc6adf8 100644
--- a/WWW/Library/Implementation/HTTP.c
+++ b/WWW/Library/Implementation/HTTP.c
@@ -1,5 +1,5 @@
 /*
- * $LynxId: HTTP.c,v 1.142 2015/05/06 23:34:07 tom Exp $
+ * $LynxId: HTTP.c,v 1.143 2015/10/08 08:52:00 Simon.Kainz Exp $
  *
  * HyperText Tranfer Protocol	- Client implementation		HTTP.c
  * ==========================
@@ -162,6 +162,9 @@ SSL *HTGetSSLHandle(void)
 {
 #ifdef USE_GNUTLS_INCL
     static char *certfile = NULL;
+    static char *client_keyfile = NULL;
+    static char *client_certfile = NULL;
+
 #endif
 
     if (ssl_ctx == NULL) {
@@ -204,6 +207,7 @@ SSL *HTGetSSLHandle(void)
 	}
 #endif
 #ifdef USE_GNUTLS_INCL
+
 	if ((certfile = LYGetEnv("SSL_CERT_FILE")) != NULL) {
 	    CTRACE((tfp,
 		    "HTGetSSLHandle: certfile is set to %s by SSL_CERT_FILE\n",
@@ -225,10 +229,31 @@ SSL *HTGetSSLHandle(void)
 	}
 #endif
 	atexit(free_ssl_ctx);
+
     }
 #ifdef USE_GNUTLS_INCL
+
+    if (non_empty(SSL_client_key_file)) {
+	client_keyfile = SSL_client_key_file;
+	CTRACE((tfp,
+		"HTGetSSLHandle: client key file is set to %s by config SSL_CLIENT_KEY_FILE\n",
+		client_keyfile));
+    }
+
+    if (non_empty(SSL_client_cert_file)) {
+	client_certfile = SSL_client_cert_file;
+	CTRACE((tfp,
+		"HTGetSSLHandle: client cert file is set to %s by config SSL_CLIENT_CERT_FILE\n",
+		client_certfile));
+    }
+
     ssl_ctx->certfile = certfile;
     ssl_ctx->certfile_type = GNUTLS_X509_FMT_PEM;
+    ssl_ctx->client_keyfile = client_keyfile;
+    ssl_ctx->client_keyfile_type = GNUTLS_X509_FMT_PEM;
+    ssl_ctx->client_certfile = client_certfile;
+    ssl_ctx->client_certfile_type = GNUTLS_X509_FMT_PEM;
+
 #endif
     ssl_okay = 0;
     return (SSL_new(ssl_ctx));
diff --git a/WWW/Library/Implementation/tidy_tls.h b/WWW/Library/Implementation/tidy_tls.h
index 631e8a2a..1674c81b 100644
--- a/WWW/Library/Implementation/tidy_tls.h
+++ b/WWW/Library/Implementation/tidy_tls.h
@@ -1,5 +1,5 @@
 /*
- * $LynxId: tidy_tls.h,v 1.6 2015/09/02 01:16:04 tom Exp $
+ * $LynxId: tidy_tls.h,v 1.7 2015/10/08 08:51:26 Simon.Kainz Exp $
  * Copyright 2008-2013,2015 Thomas E. Dickey
  */
 #ifndef TIDY_TLS_H
@@ -78,6 +78,11 @@ typedef struct _SSL_CTX {
     int (*verify_callback) (int, X509_STORE_CTX *);
     int verify_mode;
 
+    char *client_certfile;
+    int client_certfile_type;
+    char *client_keyfile;
+    int client_keyfile_type;
+
 } SSL_CTX;
 
 struct _SSL {