a1batross
/
kore
forked from mirrors/kore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Support crls for kore.domain() in Python. 

The crl keyword is parsed when the client_verify keyword has been set.

eg:

kore.domain("kore.io", cert="cert.pem", key="key.pem",
    client_verify="cacert.pem", verify_depth=1, crl="crl.pem")
This commit is contained in:
Joris Vink 2022-08-18 10:43:10 +02:00
parent 56875abc6b
commit 52ff37c5be
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/python.c
View File

@ -2221,11 +2221,12 @@ python_kore_domain(PyObject *self, PyObject *args, PyObject *kwargs)
long depth;
const char *name;
struct pydomain *domain;
const char *cert, *key, *ca, *attach;
const char *cert, *key, *ca, *attach, *crl;
ca = NULL;
depth = -1;
key = NULL;
crl = NULL;
cert = NULL;
attach = NULL;
@ -2282,6 +2283,7 @@ python_kore_domain(PyObject *self, PyObject *args, PyObject *kwargs)
"invalid depth '%d'", depth);
return (NULL);
}
crl = python_string_from_dict(kwargs, "crl");
}
} else if (key != NULL || cert != NULL || ca != NULL) {
kore_log(LOG_INFO, "ignoring tls settings for '%s'", name);
@ -2319,6 +2321,8 @@ python_kore_domain(PyObject *self, PyObject *args, PyObject *kwargs)
if (ca != NULL) {
domain->config->cafile = kore_strdup(ca);
domain->config->x509_verify_depth = depth;
if (crl != NULL)
domain->config->crlfile = kore_strdup(crl);
}
}