// Parsed CA certificates. use() adds every entry to the X509_STORE it builds,
// so each certificate held here becomes a candidate trust anchor.
17 std::vector<Unique_X509> cas;
// Set only from the constructors' partial_ok_ argument; defaults to false.
// NOTE(review): presumably this gates X509_V_FLAG_PARTIAL_CHAIN in use(); the
// guarding line is not visible in this listing — confirm against ca.h.
18 bool partial_ok =
false;
// Parses a certificate from ca_string and appends it to `cas`.
// Only one push_back is visible, so a string holding a bundle of several
// certificates may contribute just one entry — verify against the full source.
20 void append_cert(
const std::string& ca_string)
// Only non-empty input is processed; an empty string appears to be skipped
// without error, which means it adds no trust anchor.
22 if (!ca_string.empty())
// The BIO is built over the caller's bytes using the string's data and size.
24 Unique_BIO bio(ca_string.data(), ca_string.size());
// NOTE(review): listing lines 25-27 and 29-30 are not shown. Presumably `ca`
// is parsed from `bio` there and this throw is the parse-failure path — confirm.
28 throw std::runtime_error(
// Ownership of the parsed certificate moves into `cas`.
31 cas.push_back(std::move(ca));
// Constructs a CA set from a single certificate string.
// partial_ok_ is copied into partial_ok and defaults to false, so callers must
// opt in explicitly to partial-chain validation.
36 CA(
const std::string& ca,
bool partial_ok_ =
false) :
37 partial_ok(partial_ok_)
// NOTE(review): the constructor body is not shown in this listing; presumably
// it passes `ca` to append_cert — confirm.
// Constructs a CA set from several certificate strings.
// partial_ok_ is copied into partial_ok and defaults to false.
42 CA(
const std::vector<std::string>& ca_strings,
bool partial_ok_ =
false) :
43 partial_ok(partial_ok_)
// Each string goes through append_cert in order. An empty vector leaves `cas`
// empty, so use() would then install a store that contains no certificates.
45 for (
const auto& ca_string : ca_strings)
47 append_cert(ca_string);
// Constructs a CA set from several ccf::crypto::Pem objects.
// partial_ok_ is copied into partial_ok and defaults to false.
51 CA(
const std::vector<ccf::crypto::Pem>& ca_pems,
bool partial_ok_ =
false) :
52 partial_ok(partial_ok_)
// Each Pem is converted with str() and passed to append_cert, so it follows
// the same parsing path as the std::string overloads.
54 for (
const auto& ca_pem : ca_pems)
56 append_cert(ca_pem.str());
// Builds a new X509_STORE from `cas` and installs it as the certificate store
// of ssl_ctx.
62 void use(SSL_CTX* ssl_ctx)
// NOTE(review): no check of this result is visible on the lines shown;
// X509_STORE_new() returns NULL when allocation fails.
64 X509_STORE* store = X509_STORE_new();
// X509_V_FLAG_PARTIAL_CHAIN lets chain verification stop at any certificate in
// the store, including an intermediate or leaf that is not self-signed. Every
// entry in `cas` is then trusted as an anchor in its own right.
// NOTE(review): listing lines 65-66 are not shown; presumably this call is
// guarded by partial_ok — confirm.
67 CHECK1(X509_STORE_set_flags(store, X509_V_FLAG_PARTIAL_CHAIN));
// CHECK1 throws when the OpenSSL return code is not 1, so a certificate that
// cannot be added aborts the setup instead of being dropped silently.
69 for (
const auto& ca : cas)
71 CHECK1(X509_STORE_add_cert(store, ca));
// SSL_CTX_set_cert_store hands ownership of `store` to ssl_ctx.
// NOTE(review): if a CHECK1 above throws first, nothing on the lines shown
// frees the raw `store` pointer — verify whether the hidden lines handle it.
73 SSL_CTX_set_cert_store(ssl_ctx, store);
void CHECK1(int rc)
Throws if rc is not 1 and has error.
Definition openssl_wrappers.h:58
std::string error_string(int ec)
Definition tls.h:32