Implement API for adding custom roots via a string (#178)

* Implement API for adding custom roots via a string. SocketTLSOptions API design needs work, but the IXSocketOpenSSL implementation feels good to me. * Improve API design for specifying roots from memory. * Add in-memory root CAs mbedtls implementation. * Fix bug in newer versions of OpenSSL with in-memory certificate handling.
2020-04-24 18:32:11 -04:00
parent 646b18bf28
commit 677f79b0ea
5 changed files with 115 additions and 34 deletions
--- a/ixwebsocket/IXSocketTLSOptions.cpp
+++ b/ixwebsocket/IXSocketTLSOptions.cpp
@ -58,6 +58,10 @@ namespace ix
        return caFile == kTLSCAFileUseSystemDefaults;
    }

+    bool SocketTLSOptions::isUsingInMemoryCAs() const {
+        return caFile.find("-----BEGIN CERTIFICATE-----") != std::string::npos;
+    }
+
    bool SocketTLSOptions::isPeerVerifyDisabled() const
    {
        return caFile == kTLSCAFileDisableVerify;