diff --git a/src/client/sock.c b/src/client/sock.c
index 330d656fb66d2f2c566ce8a36812c6ea83dca4e4..65b6b0e3a3bc20c530b096ec72a2c61ffdf8c80d 100644 (file)
--- a/src/client/sock.c
+++ b/src/client/sock.c
bool eof;
/* optional SSL settings */
+ sdb_ssl_options_t ssl_opts;
sdb_ssl_client_t *ssl;
sdb_ssl_session_t *ssl_session;
if (client->fd < 0)
return -1;
- /* TODO: make options configurable */
- client->ssl = sdb_ssl_client_create(NULL);
+ client->ssl = sdb_ssl_client_create(&client->ssl_opts);
if (! client->ssl) {
sdb_client_close(client);
return -1;
free(client->address);
client->address = NULL;
+ sdb_ssl_free_options(&client->ssl_opts);
+
free(client);
} /* sdb_client_destroy */
+int
+sdb_client_set_ssl_options(sdb_client_t *client, const sdb_ssl_options_t *opts)
+{
+ int ret = 0;
+
+ if ((! client) || (! opts))
+ return -1;
+
+ sdb_ssl_free_options(&client->ssl_opts);
+
+ if (opts->ca_file) {
+ client->ssl_opts.ca_file = strdup(opts->ca_file);
+ if (! client->ssl_opts.ca_file)
+ ret = -1;
+ }
+ if (opts->key_file) {
+ client->ssl_opts.key_file = strdup(opts->key_file);
+ if (! client->ssl_opts.key_file)
+ ret = -1;
+ }
+ if (opts->cert_file) {
+ client->ssl_opts.cert_file = strdup(opts->cert_file);
+ if (! client->ssl_opts.cert_file)
+ ret = -1;
+ }
+ if (opts->crl_file) {
+ client->ssl_opts.crl_file = strdup(opts->crl_file);
+ if (! client->ssl_opts.crl_file)
+ ret = -1;
+ }
+
+ if (ret)
+ sdb_ssl_free_options(&client->ssl_opts);
+ return ret;
+} /* sdb_client_set_ssl_options */
+
int
sdb_client_connect(sdb_client_t *client, const char *username)
{