Implement API for adding custom roots via a string (#178)

* Implement API for adding custom roots via a string. SocketTLSOptions API design needs work, but the IXSocketOpenSSL implementation feels good to me. * Improve API design for specifying roots from memory. * Add in-memory root CAs mbedtls implementation. * Fix bug in newer versions of OpenSSL with in-memory certificate handling.
2020-04-24 18:32:11 -04:00
parent 646b18bf28
commit 677f79b0ea
5 changed files with 115 additions and 34 deletions
--- a/ixwebsocket/IXSocketOpenSSL.h
+++ b/ixwebsocket/IXSocketOpenSSL.h
@ -40,6 +40,7 @@ namespace ix
        void openSSLInitialize();
        std::string getSSLError(int ret);
        SSL_CTX* openSSLCreateContext(std::string& errMsg);
+        bool openSSLAddCARootsFromString(const std::string roots);
        bool openSSLClientHandshake(const std::string& hostname,
                                    std::string& errMsg,
                                    const CancellationRequest& isCancellationRequested);