diff options
| author | Raimo Niskanen <[email protected]> | 2017-12-04 15:51:47 +0100 |
|---|---|---|
| committer | Raimo Niskanen <[email protected]> | 2017-12-04 15:51:47 +0100 |
| commit | 1a5dd04e0958681a72984eba6b3cf026aaec0155 (patch) | |
| tree | fdbafe851d7d16ff4b5c1406f6133f5f9257cd41 /lib/public_key/src/public_key.erl | |
| parent | 82ba688773599f59215d395ac5dec7c862e1358b (diff) | |
| parent | 964d2987e754d77327d7d11918c04c028be35a5d (diff) | |
| download | otp-1a5dd04e0958681a72984eba6b3cf026aaec0155.tar.gz otp-1a5dd04e0958681a72984eba6b3cf026aaec0155.tar.bz2 otp-1a5dd04e0958681a72984eba6b3cf026aaec0155.zip | |
Merge branch 'raimo/ssl-dist-optfile-backport/OTP-14657' into maint
* raimo/ssl-dist-optfile-backport/OTP-14657:
Use SNI when connecting
Use -ssl_dist_optfile options
Read in -ssl_dist_optfile to ETS
Facilitate test certs with common root
Stop checking DNS name for SNI
Diffstat (limited to 'lib/public_key/src/public_key.erl')
| -rw-r--r-- | lib/public_key/src/public_key.erl | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl index 6788c1ee92..034126655c 100644 --- a/lib/public_key/src/public_key.erl +++ b/lib/public_key/src/public_key.erl @@ -59,7 +59,8 @@ pkix_crl_verify/2, pkix_crl_issuer/1, short_name_hash/1, - pkix_test_data/1 + pkix_test_data/1, + pkix_test_root_cert/2 ]). -export_type([public_key/0, private_key/0, pem_entry/0, @@ -1033,10 +1034,12 @@ short_name_hash({rdnSequence, _Attributes} = Name) -> %%-------------------------------------------------------------------- --spec pkix_test_data(#{chain_type() := pubkey_cert:chain_opts()}) -> - pubkey_cert:test_config(). +-spec pkix_test_data(#{chain_type() := pubkey_cert:chain_opts()} | + pubkey_cert:chain_opts()) -> + pubkey_cert:test_config() | + [pubkey_cert:conf_opt()]. -%% Description: Generates OpenSSL-style hash of a name. +%% Description: Generates cert(s) and ssl configuration %%-------------------------------------------------------------------- pkix_test_data(#{client_chain := ClientChain0, @@ -1045,7 +1048,21 @@ pkix_test_data(#{client_chain := ClientChain0, ClientChain = maps:merge(Default, ClientChain0), ServerChain = maps:merge(Default, ServerChain0), pubkey_cert:gen_test_certs(#{client_chain => ClientChain, - server_chain => ServerChain}). + server_chain => ServerChain}); +pkix_test_data(#{} = Chain) -> + Default = #{intermediates => []}, + pubkey_cert:gen_test_certs(maps:merge(Default, Chain)). + +%%-------------------------------------------------------------------- +-spec pkix_test_root_cert( + Name :: string(), Opts :: [pubkey_cert:cert_opt()]) -> + pubkey_cert:test_root_cert(). + +%% Description: Generates a root cert suitable for pkix_test_data/1 +%%-------------------------------------------------------------------- + +pkix_test_root_cert(Name, Opts) -> + pubkey_cert:root_cert(Name, Opts). %%-------------------------------------------------------------------- %%% Internal functions |