Factor our the keypair handling in libtls. This results in more readable

and self-contained code, while preparing for the ability to handle multiple keypairs. Also provide two additional functions that allow a public certificate and private key to be set with a single function call. ok beck@
author: jsing <jsing@openbsd.org> 2016-04-28 17:05:59 +0000
committer: jsing <jsing@openbsd.org> 2016-04-28 17:05:59 +0000
commit: 1fe9fea1ebab074cc3d3b296dff1b39b81ee8307 (patch)
tree: d064948ebfbe97d2ec9510ce60af63742ca24e77 /lib/libtls/tls_server.c
parent: Rework the error handling in libtls so that we can associate errors with (diff)
download: wireguard-openbsd-1fe9fea1ebab074cc3d3b296dff1b39b81ee8307.tar.xz
wireguard-openbsd-1fe9fea1ebab074cc3d3b296dff1b39b81ee8307.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libtls/tls_server.c b/lib/libtls/tls_server.c
index ad98cf3d7e8..1d94c99bc01 100644
--- a/lib/libtls/tls_server.c
+++ b/lib/libtls/tls_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_server.c,v 1.18 2015/09/29 10:17:04 deraadt Exp $ */
+/* $OpenBSD: tls_server.c,v 1.19 2016/04/28 17:05:59 jsing Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -61,7 +61,7 @@ tls_configure_server(struct tls *ctx)
 
 	if (tls_configure_ssl(ctx) != 0)
 		goto err;
-	if (tls_configure_keypair(ctx, 1) != 0)
+	if (tls_configure_keypair(ctx, ctx->ssl_ctx, ctx->config->keypair, 1) != 0)
 		goto err;
 	if (ctx->config->verify_client != 0) {
 		int verify = SSL_VERIFY_PEER;
author	jsing <jsing@openbsd.org>	2016-04-28 17:05:59 +0000
committer	jsing <jsing@openbsd.org>	2016-04-28 17:05:59 +0000
commit	1fe9fea1ebab074cc3d3b296dff1b39b81ee8307 (patch)
tree	d064948ebfbe97d2ec9510ce60af63742ca24e77 /lib/libtls/tls_server.c
parent	Rework the error handling in libtls so that we can associate errors with (diff)
download	wireguard-openbsd-1fe9fea1ebab074cc3d3b296dff1b39b81ee8307.tar.xz wireguard-openbsd-1fe9fea1ebab074cc3d3b296dff1b39b81ee8307.zip