Support crls for kore.domain() in Python. - kore - Kore is a web application platform for writing scalable, concurrent web based processes in C or Python.

commit 52ff37c5be249646b98a02212d3351fde4cac565
parent 56875abc6b392e3d4975a3f18212ae0e13ee1ab0
Author: Joris Vink <joris@coders.se>
Date:   Thu, 18 Aug 2022 10:43:10 +0200

Support crls for kore.domain() in Python.

The crl keyword is parsed when the client_verify keyword has been set.

eg:

kore.domain("kore.io", cert="cert.pem", key="key.pem",
    client_verify="cacert.pem", verify_depth=1, crl="crl.pem")

Diffstat:
src/python.c  | 6 +++++-

1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/python.c b/src/python.c
@@ -2221,11 +2221,12 @@ python_kore_domain(PyObject *self, PyObject *args, PyObject *kwargs)
 	long			depth;
 	const char		*name;
 	struct pydomain		*domain;
-	const char		*cert, *key, *ca, *attach;
+	const char		*cert, *key, *ca, *attach, *crl;
 
 	ca = NULL;
 	depth = -1;
 	key = NULL;
+	crl = NULL;
 	cert = NULL;
 	attach = NULL;
 
@@ -2282,6 +2283,7 @@ python_kore_domain(PyObject *self, PyObject *args, PyObject *kwargs)
 				    "invalid depth '%d'", depth);
 				return (NULL);
 			}
+			crl = python_string_from_dict(kwargs, "crl");
 		}
 	} else if (key != NULL || cert != NULL || ca != NULL) {
 		kore_log(LOG_INFO, "ignoring tls settings for '%s'", name);
@@ -2319,6 +2321,8 @@ python_kore_domain(PyObject *self, PyObject *args, PyObject *kwargs)
 		if (ca != NULL) {
 			domain->config->cafile = kore_strdup(ca);
 			domain->config->x509_verify_depth = depth;
+			if (crl != NULL)
+				domain->config->crlfile = kore_strdup(crl);
 		}
 	}

	kore Kore is a web application platform for writing scalable, concurrent web based processes in C or Python.
	Commits \| Files \| Refs \| README \| LICENSE \| git clone https://git.kore.io/kore.git