kore

An easy to use, scalable and secure web application framework for writing web APIs in C.
Commits | Files | Refs | README | LICENSE | git clone https://git.kore.io/kore.git

commit 52ff37c5be249646b98a02212d3351fde4cac565
parent 56875abc6b392e3d4975a3f18212ae0e13ee1ab0
Author: Joris Vink <joris@coders.se>
Date:   Thu, 18 Aug 2022 10:43:10 +0200

Support crls for kore.domain() in Python.

The crl keyword is parsed when the client_verify keyword has been set.

eg:

kore.domain("kore.io", cert="cert.pem", key="key.pem",
    client_verify="cacert.pem", verify_depth=1, crl="crl.pem")

Diffstat:
src/python.c | 6+++++-
1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/python.c b/src/python.c @@ -2221,11 +2221,12 @@ python_kore_domain(PyObject *self, PyObject *args, PyObject *kwargs) long depth; const char *name; struct pydomain *domain; - const char *cert, *key, *ca, *attach; + const char *cert, *key, *ca, *attach, *crl; ca = NULL; depth = -1; key = NULL; + crl = NULL; cert = NULL; attach = NULL; @@ -2282,6 +2283,7 @@ python_kore_domain(PyObject *self, PyObject *args, PyObject *kwargs) "invalid depth '%d'", depth); return (NULL); } + crl = python_string_from_dict(kwargs, "crl"); } } else if (key != NULL || cert != NULL || ca != NULL) { kore_log(LOG_INFO, "ignoring tls settings for '%s'", name); @@ -2319,6 +2321,8 @@ python_kore_domain(PyObject *self, PyObject *args, PyObject *kwargs) if (ca != NULL) { domain->config->cafile = kore_strdup(ca); domain->config->x509_verify_depth = depth; + if (crl != NULL) + domain->config->crlfile = kore_strdup(crl); } }