dany/luasec
1
0
Fork 0
mirror of https://github.com/brunoos/luasec.git synced 2025-02-20 18:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

Enable multiple SSL certificates (issue 27)

Browse Source
This commit is contained in:
Jeremy List 2019-02-22 13:39:15 +13:00
parent ef342a7cda
commit ff868e4a06
1 changed files with 31 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
src/ssl.lua
View File

@ -74,25 +74,39 @@ local function newcontext(cfg)
-- Mode -- Mode
succ, msg = context.setmode(ctx, cfg.mode) succ, msg = context.setmode(ctx, cfg.mode)
if not succ then return nil, msg end if not succ then return nil, msg end
-- Load the key -- Wrap singular certificate, key, etc in tables if necessary
if cfg.key then for _, prop in pairs({ "key", "certificate", "password" }) do
if cfg.password and if not cfg[prop .. "s"] then
type(cfg.password) ~= "function" and if cfg[prop] then
type(cfg.password) ~= "string" cfg[prop .. "s"] = { cfg[prop] }
then else
return nil, "invalid password type" cfg[prop .. "s"] = {}
end
end end
succ, msg = context.loadkey(ctx, cfg.key, cfg.password)
if not succ then return nil, msg end
end end
-- Load the certificate for i, certificate in pairs(cfg.certificates) do
if cfg.certificate then local password = cfg.passwords[i]
succ, msg = context.loadcert(ctx, cfg.certificate) local key = cfg.keys[i]
if not succ then return nil, msg end -- Load the key
if cfg.key and context.checkkey then if key then
succ = context.checkkey(ctx) if password and
if not succ then return nil, "private key does not match public key" end type(password) ~= "function" and
end type(password) ~= "string"
then
return nil, "invalid password type"
end
succ, msg = context.loadkey(ctx, key, password)
if not succ then return nil, msg end
end
-- Load the certificate(s)
if certificate then
succ, msg = context.loadcert(ctx, certificate)
if not succ then return nil, msg end
if key and context.checkkey then
succ = context.checkkey(ctx)
if not succ then return nil, "private key does not match public key" end
end
end
end end
-- Load the CA certificates -- Load the CA certificates
if cfg.cafile or cfg.capath then if cfg.cafile or cfg.capath then