Diffstat (limited to 'WWW')
-rw-r--r-- | WWW/Library/Implementation/HTTP.c | 27 | ||||
-rw-r--r-- | WWW/Library/Implementation/tidy_tls.h | 7 |
2 files changed, 32 insertions, 2 deletions
diff --git a/WWW/Library/Implementation/HTTP.c b/WWW/Library/Implementation/HTTP.c index 86846add..6dc6adf8 100644 --- a/WWW/Library/Implementation/HTTP.c +++ b/WWW/Library/Implementation/HTTP.c @@ -1,5 +1,5 @@ /* - * $LynxId: HTTP.c,v 1.142 2015/05/06 23:34:07 tom Exp $ + * $LynxId: HTTP.c,v 1.143 2015/10/08 08:52:00 Simon.Kainz Exp $ * * HyperText Tranfer Protocol - Client implementation HTTP.c * ========================== @@ -162,6 +162,9 @@ SSL *HTGetSSLHandle(void) { #ifdef USE_GNUTLS_INCL static char *certfile = NULL; + static char *client_keyfile = NULL; + static char *client_certfile = NULL; + #endif if (ssl_ctx == NULL) { @@ -204,6 +207,7 @@ SSL *HTGetSSLHandle(void) } #endif #ifdef USE_GNUTLS_INCL + if ((certfile = LYGetEnv("SSL_CERT_FILE")) != NULL) { CTRACE((tfp, "HTGetSSLHandle: certfile is set to %s by SSL_CERT_FILE\n", @@ -225,10 +229,31 @@ SSL *HTGetSSLHandle(void) } #endif atexit(free_ssl_ctx); + } #ifdef USE_GNUTLS_INCL + + if (non_empty(SSL_client_key_file)) { + client_keyfile = SSL_client_key_file; + CTRACE((tfp, + "HTGetSSLHandle: client key file is set to %s by config SSL_CLIENT_KEY_FILE\n", + client_keyfile)); + } + + if (non_empty(SSL_client_cert_file)) { + client_certfile = SSL_client_cert_file; + CTRACE((tfp, + "HTGetSSLHandle: client cert file is set to %s by config SSL_CLIENT_CERT_FILE\n", + client_certfile)); + } + ssl_ctx->certfile = certfile; ssl_ctx->certfile_type = GNUTLS_X509_FMT_PEM; + ssl_ctx->client_keyfile = client_keyfile; + ssl_ctx->client_keyfile_type = GNUTLS_X509_FMT_PEM; + ssl_ctx->client_certfile = client_certfile; + ssl_ctx->client_certfile_type = GNUTLS_X509_FMT_PEM; + #endif ssl_okay = 0; return (SSL_new(ssl_ctx)); diff --git a/WWW/Library/Implementation/tidy_tls.h b/WWW/Library/Implementation/tidy_tls.h index 631e8a2a..1674c81b 100644 --- a/WWW/Library/Implementation/tidy_tls.h +++ b/WWW/Library/Implementation/tidy_tls.h 
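Review bot: In the last HTTP.c hunk the client key and client certificate are taken from the configuration independently, so a setup that names only one of SSL_CLIENT_KEY_FILE / SSL_CLIENT_CERT_FILE is copied into `ssl_ctx` without any trace message; how the TLS layer treats a half-configured pair is not visible in this diff. A check before the assignments, `if (non_empty(SSL_client_key_file) != non_empty(SSL_client_cert_file)) CTRACE((tfp, "HTGetSSLHandle: client key and cert must be configured together\n"));`, would make that misconfiguration visible. The fields also live on the one shared context, so the certificate is presumably available to every HTTPS server that asks for one; a comment such as `/* client cert/key are global: not scoped to a host */` would state that for whoever configures it. HTGetSSLHandle's body starts and ends outside the hunk.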
@@ -1,5 +1,5 @@ /* - * $LynxId: tidy_tls.h,v 1.6 2015/09/02 01:16:04 tom Exp $ + * $LynxId: tidy_tls.h,v 1.7 2015/10/08 08:51:26 Simon.Kainz Exp $ * Copyright 2008-2013,2015 Thomas E. Dickey */ #ifndef TIDY_TLS_H @@ -78,6 +78,11 @@ typedef struct _SSL_CTX { int (*verify_callback) (int, X509_STORE_CTX *); int verify_mode; + char *client_certfile; + int client_certfile_type; + char *client_keyfile; + int client_keyfile_type; + } SSL_CTX; struct _SSL { |
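Review bot: The four new `SSL_CTX` members carry no comment on ownership or on the values the `_type` fields take. From the HTTP.c side of this commit the two `char *` members are assigned straight from the configuration strings rather than copied, so they look like borrowed pointers; a comment such as `/* borrowed from config, not freed with the context; *_type is a GNUTLS_X509_FMT_* value */` above them would keep a later cleanup routine from freeing them. The struct definition starts outside the hunk.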