summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--examples/amqps_bind.c9
-rw-r--r--examples/amqps_consumer.c9
-rw-r--r--examples/amqps_exchange_declare.c9
-rw-r--r--examples/amqps_listen.c9
-rw-r--r--examples/amqps_listenq.c9
-rw-r--r--examples/amqps_producer.c9
-rw-r--r--examples/amqps_sendstring.c9
-rw-r--r--examples/amqps_unbind.c9
-rw-r--r--librabbitmq/amqp-openssl.c15
-rw-r--r--librabbitmq/amqp-ssl-socket.h18
-rw-r--r--tools/common.c5
11 files changed, 26 insertions, 84 deletions
diff --git a/examples/amqps_bind.c b/examples/amqps_bind.c
index 04db414..050be73 100644
--- a/examples/amqps_bind.c
+++ b/examples/amqps_bind.c
@@ -75,15 +75,8 @@ int main(int argc, char const * const *argv) {
}
}
- if (argc > 7) {
- status = amqp_ssl_socket_set_key(socket, argv[7]);
- if (status) {
- die("setting client key");
- }
- }
-
if (argc > 8) {
- status = amqp_ssl_socket_set_cert(socket, argv[8]);
+ status = amqp_ssl_socket_set_key(socket, argv[8], argv[7]);
if (status) {
die("setting client cert");
}
diff --git a/examples/amqps_consumer.c b/examples/amqps_consumer.c
index 86c9d9f..cccbe33 100644
--- a/examples/amqps_consumer.c
+++ b/examples/amqps_consumer.c
@@ -147,15 +147,8 @@ int main(int argc, char const * const *argv) {
}
}
- if (argc > 4) {
- status = amqp_ssl_socket_set_key(socket, argv[4]);
- if (status) {
- die("setting client key/cert");
- }
- }
-
if (argc > 5) {
- status = amqp_ssl_socket_set_cert(socket, argv[5]);
+ status = amqp_ssl_socket_set_key(socket, argv[5], argv[4]);
if (status) {
die("setting client key");
}
diff --git a/examples/amqps_exchange_declare.c b/examples/amqps_exchange_declare.c
index 12c814b..bcf30b1 100644
--- a/examples/amqps_exchange_declare.c
+++ b/examples/amqps_exchange_declare.c
@@ -73,15 +73,8 @@ int main(int argc, char const * const *argv) {
}
}
- if (argc > 6) {
- status = amqp_ssl_socket_set_key(socket, argv[6]);
- if (status) {
- die("setting client key/cert");
- }
- }
-
if (argc > 7) {
- status = amqp_ssl_socket_set_cert(socket, argv[7]);
+ status = amqp_ssl_socket_set_key(socket, argv[7], argv[6]);
if (status) {
die("setting client key/cert");
}
diff --git a/examples/amqps_listen.c b/examples/amqps_listen.c
index 876bad9..25f8371 100644
--- a/examples/amqps_listen.c
+++ b/examples/amqps_listen.c
@@ -77,15 +77,8 @@ int main(int argc, char const * const *argv) {
}
}
- if (argc > 6) {
- status = amqp_ssl_socket_set_key(socket, argv[6]);
- if (status) {
- die("setting client key");
- }
- }
-
if (argc > 7) {
- status = amqp_ssl_socket_set_cert(socket, argv[7]);
+ status = amqp_ssl_socket_set_key(socket, argv[7], argv[6]);
if (status) {
die("setting client cert");
}
diff --git a/examples/amqps_listenq.c b/examples/amqps_listenq.c
index 9d910c9..2bb1760 100644
--- a/examples/amqps_listenq.c
+++ b/examples/amqps_listenq.c
@@ -73,15 +73,8 @@ int main(int argc, char const * const *argv) {
}
}
- if (argc > 5) {
- status = amqp_ssl_socket_set_key(socket, argv[5]);
- if (status) {
- die("setting client key");
- }
- }
-
if (argc > 6) {
- status = amqp_ssl_socket_set_cert(socket, argv[5]);
+ status = amqp_ssl_socket_set_key(socket, argv[6], argv[5]);
if (status) {
die("setting client cert");
}
diff --git a/examples/amqps_producer.c b/examples/amqps_producer.c
index 18f0b3f..866f8f8 100644
--- a/examples/amqps_producer.c
+++ b/examples/amqps_producer.c
@@ -137,15 +137,8 @@ int main(int argc, char const * const *argv) {
}
}
- if (argc > 6) {
- status = amqp_ssl_socket_set_key(socket, argv[6]);
- if (status) {
- die("setting client key");
- }
- }
-
if (argc > 7) {
- status = amqp_ssl_socket_set_cert(socket, argv[7]);
+ status = amqp_ssl_socket_set_key(socket, argv[7], argv[6]);
if (status) {
die("setting client cert");
}
diff --git a/examples/amqps_sendstring.c b/examples/amqps_sendstring.c
index 1133dcf..c1f10df 100644
--- a/examples/amqps_sendstring.c
+++ b/examples/amqps_sendstring.c
@@ -75,15 +75,8 @@ int main(int argc, char const * const *argv) {
}
}
- if (argc > 7) {
- status = amqp_ssl_socket_set_key(socket, argv[7]);
- if (status) {
- die("setting client key");
- }
- }
-
if (argc > 8) {
- status = amqp_ssl_socket_set_cert(socket, argv[8]);
+ status = amqp_ssl_socket_set_key(socket, argv[8], argv[7]);
if (status) {
die("setting client cert");
}
diff --git a/examples/amqps_unbind.c b/examples/amqps_unbind.c
index 5c8a4b5..58a6730 100644
--- a/examples/amqps_unbind.c
+++ b/examples/amqps_unbind.c
@@ -75,15 +75,8 @@ int main(int argc, char const * const *argv) {
}
}
- if (argc > 7) {
- status = amqp_ssl_socket_set_key(socket, argv[7]);
- if (status) {
- die("setting client key");
- }
- }
-
if (argc > 8) {
- status = amqp_ssl_socket_set_cert(socket, argv[8]);
+ status = amqp_ssl_socket_set_key(socket, argv[8], argv[7]);
if (status) {
die("setting client cert");
}
diff --git a/librabbitmq/amqp-openssl.c b/librabbitmq/amqp-openssl.c
index df158b7..04be202 100644
--- a/librabbitmq/amqp-openssl.c
+++ b/librabbitmq/amqp-openssl.c
@@ -324,15 +324,21 @@ amqp_ssl_socket_set_cacert(amqp_socket_t *base,
int
amqp_ssl_socket_set_key(amqp_socket_t *base,
+ const char *cert,
const char *key)
{
+ int status;
struct amqp_ssl_socket_t *self;
if (base->klass != &amqp_ssl_socket_class) {
amqp_abort("<%p> is not of type amqp_ssl_socket_t", base);
}
self = (struct amqp_ssl_socket_t *)base;
- int status = SSL_CTX_use_PrivateKey_file(self->ctx, key,
- SSL_FILETYPE_PEM);
+ status = SSL_CTX_use_certificate_chain_file(self->ctx, cert);
+ if (1 != status) {
+ return -1;
+ }
+ status = SSL_CTX_use_PrivateKey_file(self->ctx, key,
+ SSL_FILETYPE_PEM);
if (1 != status) {
return -1;
}
@@ -351,6 +357,7 @@ password_cb(AMQP_UNUSED char *buffer,
int
amqp_ssl_socket_set_key_buffer(amqp_socket_t *base,
+ const char *cert,
const void *key,
size_t n)
{
@@ -362,6 +369,10 @@ amqp_ssl_socket_set_key_buffer(amqp_socket_t *base,
amqp_abort("<%p> is not of type amqp_ssl_socket_t", base);
}
self = (struct amqp_ssl_socket_t *)base;
+ status = SSL_CTX_use_certificate_chain_file(self->ctx, cert);
+ if (1 != status) {
+ return -1;
+ }
buf = BIO_new_mem_buf((void *)key, n);
if (!buf) {
goto error;
diff --git a/librabbitmq/amqp-ssl-socket.h b/librabbitmq/amqp-ssl-socket.h
index b6396ed..87bce35 100644
--- a/librabbitmq/amqp-ssl-socket.h
+++ b/librabbitmq/amqp-ssl-socket.h
@@ -58,6 +58,7 @@ amqp_ssl_socket_set_cacert(amqp_socket_t *self,
* Set the client key.
*
* \param [in,out] self An SSL/TLS socket object.
+ * \param [in] cert Path to the client certificate in PEM foramt.
* \param [in] key Path to the client key in PEM format.
*
* \return Zero if successful, -1 otherwise.
@@ -66,12 +67,14 @@ AMQP_PUBLIC_FUNCTION
int
AMQP_CALL
amqp_ssl_socket_set_key(amqp_socket_t *self,
+ const char *cert,
const char *key);
/**
* Set the client key from a buffer.
*
* \param [in,out] self An SSL/TLS socket object.
+ * \param [in] cert Path to the client certificate in PEM foramt.
* \param [in] key A buffer containing client key in PEM format.
* \param [in] n The length of the buffer.
*
@@ -81,24 +84,11 @@ AMQP_PUBLIC_FUNCTION
int
AMQP_CALL
amqp_ssl_socket_set_key_buffer(amqp_socket_t *self,
+ const char *cert,
const void *key,
size_t n);
/**
- * Set the client certificate.
- *
- * \param [in,out] self An SSL/TLS socket object.
- * \param [in] cert Path to the client certificate in PEM foramt.
- *
- * \return Zero if successful, -1 otherwise.
- */
-AMQP_PUBLIC_FUNCTION
-int
-AMQP_CALL
-amqp_ssl_socket_set_cert(amqp_socket_t *self,
- const char *cert);
-
-/**
* Enable or disable peer verification.
*
* If peer verification is enabled then the common name in the server
diff --git a/tools/common.c b/tools/common.c
index 60d70fb..abfba4b 100644
--- a/tools/common.c
+++ b/tools/common.c
@@ -336,10 +336,7 @@ amqp_connection_state_t make_connection(void)
amqp_ssl_socket_set_cacert(socket, amqp_cacert);
}
if (amqp_key) {
- amqp_ssl_socket_set_key(socket, amqp_key);
- }
- if (amqp_cert) {
- amqp_ssl_socket_set_cert(socket, amqp_cert);
+ amqp_ssl_socket_set_key(socket, amqp_cert, amqp_key);
}
#else
die("librabbitmq was not built with SSL/TLS support");
View Lorry Controller Status