From 5f4eb537d7a4eb28db8bd6211bc8e29ae5c4465a Mon Sep 17 00:00:00 2001
From: Adriaan de Jong <dejong@fox-it.com>
Date: Thu, 30 Jun 2011 08:57:52 +0200
Subject: Refactored external key loading from management

Fixed a bug in external key loading, where if no certificate file was
specified, the program would still try to use an external private key.

Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <davids@redhat.com>
---
 ssl_backend.h | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'ssl_backend.h')

diff --git a/ssl_backend.h b/ssl_backend.h
index 3beee19..024b547 100644
--- a/ssl_backend.h
+++ b/ssl_backend.h
@@ -209,6 +209,23 @@ int tls_ctx_load_priv_file (struct tls_root_ctx *ctx, const char *priv_key_file
 #endif
     );
 
+#ifdef MANAGMENT_EXTERNAL_KEY
+
+/**
+ * Tell the management interface to load the external private key matching
+ * the given certificate.
+ *
+ * @param ctx			TLS context to use
+ * @param cert			The certificate file to load the private key for
+ * 				"[[INLINE]]" in the case of inline files.
+ *
+ * @return 			1 if an error occurred, 0 if parsing was
+ * 				successful.
+ */
+int tls_ctx_use_external_private_key (struct tls_root_ctx *ctx, X509 *cert);
+
+#endif
+
 /**
  * Show the TLS ciphers that are available for us to use in the OpenSSL
  * library.
-- 
cgit