- Connected code paths to use CA or trust.
Paul Beckingham 2013-11-03 12:51:13 -05:00
parent f1f93aa5d5
commit 7fa3f71575
3 changed files with 7 additions and 8 deletions


@ -156,17 +156,19 @@ void TLSClient::trust (bool value)
////////////////////////////////////////////////////////////////////////////////
void TLSClient::init (
const std::string& ca,
const std::string& cert,
const std::string& key)
{
_ca = ca;
_cert = cert;
_key = key;
gnutls_global_init ();
gnutls_certificate_allocate_credentials (&_credentials);
if (_cert != "" &&
gnutls_certificate_set_x509_trust_file (_credentials, _cert.c_str (), GNUTLS_X509_FMT_PEM) < 0)
if (_ca != "" &&
gnutls_certificate_set_x509_trust_file (_credentials, _ca.c_str (), GNUTLS_X509_FMT_PEM) < 0)
throw std::string ("Missing CA file.");
if (_cert != "" &&
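Review bot: The new `_ca` check reports every negative return from `gnutls_certificate_set_x509_trust_file` as "Missing CA file.", although a negative return also covers an unreadable or malformed PEM bundle. Keeping the return value and appending `gnutls_strerror (ret)` to the thrown string would let a user tell a wrong path from a bad file. When `_ca` is empty the call is skipped and no trust anchors are loaded, so whether the peer certificate is still checked depends on the trust setting and on verification code that is not in this hunk; a comment at the `if` such as `// No CA configured: no trust anchors loaded, verification relies on the trust setting.` would record that. The hunk ends inside the following `if (_cert != "" &&` statement, so the rest of init is not visible here.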


@ -40,7 +40,7 @@ public:
void limit (int);
void debug (int);
void trust (bool);
void init (const std::string&, const std::string&);
void init (const std::string&, const std::string&, const std::string&);
void connect (const std::string&, const std::string&);
void bye ();
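Review bot: The three-argument `init` declaration takes three unnamed `const std::string&` parameters, so a caller that transposes the CA file and the client certificate compiles cleanly and only fails, or loads the wrong trust anchor, at run time. Naming the parameters in the declaration documents the order at the point callers read it: `void init (const std::string& ca, const std::string& cert, const std::string& key);`. The class body starts and ends outside this hunk.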


@ -344,11 +344,8 @@ bool CmdSync::send (
TLSClient client;
client.debug (context.config.getInteger ("debug.tls"));
// TODO Either use 'ca' or 'trust', but not both.
if (trust && ca == "")
client.trust (trust);
client.init (certificate, key);
client.trust (trust);
client.init (ca, certificate, key);
client.connect (server, port);
client.send (request.serialize () + "\n");
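Review bot: `client.trust (trust);` is now called whether or not `ca` is set, so the earlier `ca == ""` guard no longer decides which of the two mechanisms wins when both are configured. TLSClient::trust is not shown in this hunk, but if it relaxes or skips peer verification, a configuration with both a CA file and trust enabled could connect without the CA actually constraining the server certificate. Making the precedence explicit at the call site would close that gap, for example `client.trust (trust && ca == "");`, or throwing a configuration error when both are set, with a one-line comment stating which setting takes priority. CmdSync::send starts and ends outside the hunk.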