summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gemini/tlsUtils.ml18
-rw-r--r--gemini/tlsUtils.mli5
2 files changed, 15 insertions, 8 deletions
diff --git a/gemini/tlsUtils.ml b/gemini/tlsUtils.ml
index 584221b..b0d65ae 100644
--- a/gemini/tlsUtils.ml
+++ b/gemini/tlsUtils.ml
@@ -2,6 +2,7 @@ module type TLS_UTILS =
sig
type authenticator = X509_lwt.authenticator Lwt.t
type ciphers = Tls.Ciphersuite.ciphersuite list
+ type own_cert = Tls.Config.own_cert
val null_auth : authenticator
@@ -11,15 +12,16 @@ sig
-> X509.Distinguished_name.t
-> (Tls.Config.certchain, string) result
- (*val connect : authenticator:authenticator -> ?peer_name:string ->
- ?ciphers:ciphers -> string * int
- -> (Lwt_io.input_channel * Lwt_io.output_channel) Lwt.t *)
+ val connect : authenticator:authenticator -> ?peer_name:string ->
+ ?ciphers:ciphers -> ?own_cert:own_cert -> string * int
+ -> (Lwt_io.input_channel * Lwt_io.output_channel) Lwt.t
end
module TlsUtils : TLS_UTILS =
struct
- type authenticator = X509.Authenticator.t Lwt.t
+ type authenticator = X509_lwt.authenticator Lwt.t
type ciphers = Tls.Ciphersuite.ciphersuite list
+ type own_cert = Tls.Config.own_cert
let null_auth = Lwt.return (fun ~host:_ -> fun _ -> Ok None)
@@ -42,13 +44,13 @@ struct
| Ok cert -> Ok ([cert], priv)
| Error _ -> Error "Unable to sign")
- (*let connect authenticator ?peer_name ?(ciphers=Tls.Config.Ciphers.default)
- (host, port) =
+ let connect ~authenticator ?peer_name ?(ciphers=Tls.Config.Ciphers.default)
+ ?(own_cert=`None) (host, port) =
let peer_name = match peer_name with
| Some name -> name
| None -> host in
+ let%lwt authenticator = authenticator in
Tls_lwt.connect_ext
Tls.Config.(client ~peer_name:peer_name ~authenticator
- ~ciphers ()) (host, port)
- *)
+ ~ciphers ~certificates:own_cert ()) (host, port)
end
diff --git a/gemini/tlsUtils.mli b/gemini/tlsUtils.mli
index 35a674d..a0d89ff 100644
--- a/gemini/tlsUtils.mli
+++ b/gemini/tlsUtils.mli
@@ -2,6 +2,7 @@ module type TLS_UTILS =
sig
type authenticator = X509_lwt.authenticator Lwt.t
type ciphers = Tls.Ciphersuite.ciphersuite list
+ type own_cert = Tls.Config.own_cert
val null_auth : authenticator
@@ -10,6 +11,10 @@ sig
val self_sign : ?bits:int -> ?days:int
-> X509.Distinguished_name.t
-> (Tls.Config.certchain, string) result
+
+ val connect : authenticator:authenticator -> ?peer_name:string ->
+ ?ciphers:ciphers -> ?own_cert:own_cert -> string * int
+ -> (Lwt_io.input_channel * Lwt_io.output_channel) Lwt.t
end
module TlsUtils : TLS_UTILS