Open mbsteixeira opened 1 month ago
bool initSSL(const std::string& certificate, const std::string& privatekey, bool isclient=false) { std::call_once(initCryptoThreadSafeSupportOnceFlag, InitCryptoThreadSafeSupport);
if (mOpenSSLCTX != nullptr) { return false; } mOpenSSLCTX = SSL_CTX_new(SSLv23_method()); if(isclient && mOpenSSLCTX) return true; if (certificate.empty() || privatekey.empty()) { return false; } SSL_CTX_set_client_CA_list(mOpenSSLCTX, SSL_load_client_CA_file(certificate.c_str())); SSL_CTX_set_verify_depth(mOpenSSLCTX, 10); if (SSL_CTX_use_certificate_chain_file(mOpenSSLCTX, certificate.c_str()) <= 0) { SSL_CTX_free(mOpenSSLCTX); mOpenSSLCTX = nullptr; return false; } if (SSL_CTX_use_PrivateKey_file(mOpenSSLCTX, privatekey.c_str(), SSL_FILETYPE_PEM) <= 0) { SSL_CTX_free(mOpenSSLCTX); mOpenSSLCTX = nullptr; return false; } if (!SSL_CTX_check_private_key(mOpenSSLCTX)) { SSL_CTX_free(mOpenSSLCTX); mOpenSSLCTX = nullptr; return false; } return true; }
Or we could put the initialization of the lock in a separate function?
Agree, this option is more efficient!
@mbsteixeira Hello, I do it in #144 . please try the master branch.
bool initSSL(const std::string& certificate, const std::string& privatekey, bool isclient=false) { std::call_once(initCryptoThreadSafeSupportOnceFlag, InitCryptoThreadSafeSupport);