Minor change to cert loading
@@ -165,16 +165,12 @@ static bool contains_privatekey(const char *fn) {
|
||||
|
||||
void ctx_load_cert_from_directory(SSL_CTX *ctx, const std::string &dir) {
|
||||
std::vector<std::string> key_paths;
|
||||
std::vector<std::string> chain_paths;
|
||||
std::vector<std::string> cert_paths;
|
||||
|
||||
for (const auto & entry : std::filesystem::directory_iterator(dir)) {
|
||||
std::string fn = entry.path();
|
||||
int count = count_certificates(fn.c_str());
|
||||
if (count == 1) {
|
||||
if (count_certificates(fn.c_str()) >= 1) {
|
||||
cert_paths.push_back(fn);
|
||||
} else if (count > 1) {
|
||||
chain_paths.push_back(fn);
|
||||
}
|
||||
if (contains_privatekey(fn.c_str())) {
|
||||
key_paths.push_back(fn);
|
||||
@@ -185,16 +181,12 @@ void ctx_load_cert_from_directory(SSL_CTX *ctx, const std::string &dir) {
|
||||
std::cerr << "Directory contains multiple certs: " << dir << std::endl;
|
||||
exit(1);
|
||||
}
|
||||
if (chain_paths.size() > 1) {
|
||||
std::cerr << "Directory contains multiple chains: " << dir << std::endl;
|
||||
exit(1);
|
||||
}
|
||||
if (key_paths.size() > 1) {
|
||||
std::cerr << "Directory contains multiple keys: " << dir << std::endl;
|
||||
exit(1);
|
||||
}
|
||||
if (cert_paths.empty() && chain_paths.empty()) {
|
||||
std::cerr << "Directory doesn't contain a certificate: " << dir << std::endl;
|
||||
if (cert_paths.empty()) {
|
||||
std::cerr << "Directory doesn't contain a cert: " << dir << std::endl;
|
||||
exit(1);
|
||||
}
|
||||
if (key_paths.empty()) {
|
||||
@@ -205,13 +197,8 @@ void ctx_load_cert_from_directory(SSL_CTX *ctx, const std::string &dir) {
|
||||
int status;
|
||||
status = SSL_CTX_use_PrivateKey_file(ctx, key_paths[0].c_str(), SSL_FILETYPE_PEM);
|
||||
assert(status == 1);
|
||||
if (chain_paths.empty()) {
|
||||
status = SSL_CTX_use_certificate_file(ctx, cert_paths[0].c_str(), SSL_FILETYPE_PEM);
|
||||
assert(status == 1);
|
||||
} else {
|
||||
status = SSL_CTX_use_certificate_chain_file(ctx, chain_paths[0].c_str());
|
||||
assert(status == 1);
|
||||
}
|
||||
status = SSL_CTX_use_certificate_chain_file(ctx, cert_paths[0].c_str());
|
||||
assert(status == 1);
|
||||
}
|
||||
|
||||
} // namespace drvssl
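Review bot: The new `SSL_CTX_use_certificate_chain_file(ctx, cert_paths[0].c_str())` call in the last hunk is checked only with `assert(status == 1)`, so a build compiled with NDEBUG would ignore a failed certificate load and continue with a context that has no certificate. An explicit check in the style of the directory checks above keeps the failure visible in release builds, for example `if (status != 1) { std::cerr << "Failed to load certificate: " << cert_paths[0] << std::endl; exit(1); }`, and the same applies to the private-key load just before it. Calling `SSL_CTX_check_private_key(ctx)` after both loads would also catch a directory whose key does not belong to the certificate. Separately, in the first hunk every file with at least one certificate now goes into `cert_paths`, so a directory holding both a leaf-only file and a full-chain file presumably now hits the "multiple certs" exit; the size check itself lies between the hunks and is not visible here, so this is worth confirming and noting in the commit message if intended.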
|
||||
|
||||