| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657 |
- #include "ssl_ctx.h"
- #include <stdio.h>
- #ifdef WITH_OPENSSL
- #include "openssl/ssl.h"
- #endif
- void* g_ssl_ctx = 0;
- int ssl_ctx_init(const char* crt_file, const char* key_file, const char* ca_file) {
- #ifdef WITH_OPENSSL
- if (g_ssl_ctx != NULL) {
- return 0;
- }
- SSL_CTX* ctx = SSL_CTX_new(TLS_method());
- if (ctx == NULL) return -10;
- if (ca_file && *ca_file) {
- if (!SSL_CTX_load_verify_locations(ctx, ca_file, NULL)) {
- fprintf(stderr, "ssl ca_file verify failed!\n");
- return -20;
- }
- }
- if (crt_file && *crt_file) {
- if (!SSL_CTX_use_certificate_file(ctx, crt_file, SSL_FILETYPE_PEM)) {
- fprintf(stderr, "ssl crt_file error!\n");
- return -20;
- }
- }
- if (key_file && *key_file) {
- if (!SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM)) {
- fprintf(stderr, "ssl key_file error!\n");
- return -30;
- }
- if (!SSL_CTX_check_private_key(ctx)) {
- fprintf(stderr, "ssl key_file check failed!\n");
- return -40;
- }
- }
- SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
- g_ssl_ctx = ctx;
- return 0;
- #else
- fprintf(stderr, "Please recompile WITH_OPENSSL.\n");
- return -1;
- #endif
- }
- int ssl_ctx_destory() {
- #ifdef WITH_OPENSSL
- if (g_ssl_ctx) {
- SSL_CTX_free((SSL_CTX*)g_ssl_ctx);
- g_ssl_ctx = NULL;
- }
- #endif
- return 0;
- }
|
