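--- a/UNKNOWN_PATH	artifact [342884a745] (file path not shown on page)
+++ b/UNKNOWN_PATH	artifact [4fb1be0a03] (file path not shown on page)
@@ -702,14 +702,16 @@
 ** If zCertFile is NULL, then "ssl-cert" setting is consulted
 ** to get the certificate and private-key (concatenated together, in
 ** the PEM format).  If there is no ssl-cert setting, then
 ** a built-in self-signed cert is used.
 */
 void ssl_init_server(const char *zCertFile, const char *zKeyFile){
   if( sslIsInit==0 ){
+    db_find_and_open_repository(OPEN_OK_NOT_FOUND|OPEN_SUBSTITUTE,0);
+    db_open_config(1,0);
     const char *zTlsCert;
     SSL_library_init();
     SSL_load_error_strings();
     OpenSSL_add_all_algorithms();
     sslCtx = SSL_CTX_new(SSLv23_server_method());
     if( sslCtx==0 ){
       ERR_print_errors_fp(stderr);
@@ -903,31 +905,31 @@
         fossil_exit(1);
       }
     }
     db_unprotect(PROTECT_ALL);
     db_multi_exec(
       "PRAGMA secure_delete=ON;"
       "DELETE FROM config "
-      " WHERE name IN ('ssl-cert','ssl-cert-file','ssl-cert-key');"
+      " WHERE name IN ('ssl-cert','ssl-cert-file','ssl-key-file');"
     );
     db_protect_pop();
   }else
   if( strncmp("load-cert",zCmd,nCmd)==0 && nCmd>=4 ){
     int bFN = find_option("filename",0,0)!=0;
     int i;
     Blob allText = BLOB_INITIALIZER;
     int haveCert = 0;
     int haveKey = 0;
     verify_all_options();
     db_begin_transaction();
     db_unprotect(PROTECT_ALL);
     db_multi_exec(
       "PRAGMA secure_delete=ON;"
       "DELETE FROM config "
-      " WHERE name IN ('ssl-cert','ssl-cert-file','ssl-cert-key');"
+      " WHERE name IN ('ssl-cert','ssl-cert-file','ssl-key-file');"
     );
     nHit = 0;
     for(i=3; i<g.argc; i++){
       Blob x;
       int isCert;
       int isKey;
       if( !file_isfile(g.argv[i], ExtFILE) ){
@@ -942,44 +944,42 @@
       if( isCert ){
         if( haveCert ){
           fossil_fatal("more than one certificate provided");
         }
         haveCert = 1;
         if( bFN ){
           db_set("ssl-cert-file", file_canonical_name_dup(g.argv[i]), 0);
-        }else{
           blob_append(&allText, blob_buffer(&x), blob_size(&x));
         }
         if( isKey && !haveKey ){
           haveKey = 1;
           isKey = 0;
         }
       }
       if( isKey ){
         if( haveKey ){
           fossil_fatal("more than one private key provided");
         }
         haveKey = 1;
         if( bFN ){
           db_set("ssl-key-file", file_canonical_name_dup(g.argv[i]), 0);
-        }else{
           blob_append(&allText, blob_buffer(&x), blob_size(&x));
         }
       }
     }
     if( !haveCert ){
       if( !haveKey ){
         fossil_fatal("missing certificate and private-key");
       }else{
         fossil_fatal("missing certificate");
       }
     }else if( !haveKey ){
       fossil_fatal("missing private-key");
     }
-    if( !bFN ){
+    if( bFN ){
       db_set("ssl-cert", blob_str(&allText), 0);
     }
     db_protect_pop();
     db_commit_transaction();
   }else
   if( strncmp("scrub",zCmd,nCmd)==0 && nCmd>4 ){
     int bForce = find_option("force","f",0)!=0;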
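Review bot: In the `load-cert` branch the new side drops both `}else{` lines and flips the final guard from `if( !bFN ){` to `if( bFN ){`, so `blob_append(&allText, ...)` and `db_set("ssl-cert", ...)` now run only when `--filename` is given. As written, a run without `--filename` passes the `haveCert`/`haveKey` checks but stores nothing, even though the earlier `DELETE FROM config` in the same transaction has already cleared the previous settings. A run with `--filename` records the two paths and also copies the certificate and private-key PEM text into the `ssl-cert` setting, which looks contrary to the purpose of storing only file names. If key material is meant to stay out of the config table in that mode, keep the two `}else{` lines and guard the final write with `if( !bFN ){`. The command's function begins and ends outside the visible hunks, so this should be confirmed against the rest of it.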