From: Steven Barth <steven@midlink.org>
Date: Sat, 6 Jun 2009 13:03:31 +0000 (+0000)
Subject: nixio: Add support for DER keyfiles
X-Git-Tag: 0.9.0~261
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=0d2004141917f65c3a4c7b0bc0e8005d3a47b8c8;p=oweals%2Fluci.git

nixio: Add support for DER keyfiles
---

diff --git a/libs/nixio/src/axtls-compat.h b/libs/nixio/src/axtls-compat.h
index 77533ef4f..aee24f56c 100644
--- a/libs/nixio/src/axtls-compat.h
+++ b/libs/nixio/src/axtls-compat.h
@@ -44,6 +44,7 @@
 #define SSL_OP_NO_SSLv3					0x02000000L
 #define SSL_OP_NO_SSLv2					0x01000000L
 #define SSL_FILETYPE_PEM				1
+#define SSL_FILETYPE_ASN1				2
 #define SSL_VERIFY_NONE					0x00
 #define SSL_VERIFY_PEER					0x01
 #define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
diff --git a/libs/nixio/src/tls-context.c b/libs/nixio/src/tls-context.c
index fdbe22462..e55de05cc 100644
--- a/libs/nixio/src/tls-context.c
+++ b/libs/nixio/src/tls-context.c
@@ -119,7 +119,17 @@ static int nixio_tls_ctx_set_cert(lua_State *L) {
 static int nixio_tls_ctx_set_key(lua_State *L) {
 	SSL_CTX *ctx = nixio__checktlsctx(L);
 	const char *cert = luaL_checkstring(L, 2);
-	const int ktype = SSL_FILETYPE_PEM;
+	const char *type = luaL_optstring(L, 3, "pem");
+	int ktype;
+
+	if (!strcmp(type, "pem")) {
+		ktype = SSL_FILETYPE_PEM;
+	} else if (!strcmp(type, "asn1")) {
+		ktype = SSL_FILETYPE_ASN1;
+	} else {
+		return luaL_argerror(L, 3, "supported values: pem, asn1");
+	}
+
 	return nixio__tls_pstatus(L, SSL_CTX_use_PrivateKey_file(ctx, cert, ktype));
 }