On 7/15/07, Francis Cianfrocca <garbagecat10 at gmail.com> wrote:
> On 7/15/07, snacktime <snacktime at gmail.com> wrote:
>
> > I made a quick patch to em so it will try to read the key/cert from a
> > file if it exists in the cwd, and if not use the hardcoded default.
> > If I added a function in rubymain.cpp to set the location of the pem
> > file, where in em would be the right place to set it?  It should be in
> > the same scope as start_tls I would think.   I'm checking for the pem
> > file in InitializeDefaultCredentials().
>
>
> So are you thinking about a keypair and cert to use for a server, or a
> server pubkey and cert-chain to use with a client?

The key/cert for the server.  It was easy enough to have it read from
a file so I figured why not.

> Are there any good clues as to a proper API in the Ruby OpenSSL library?

Not that I know of.   What about a function in ssl.cp that calls a
ruby method to read a yaml file?  Let's call it GetSslConfig.  The
first time it's called it could suck in the entire ssl config and put
it in a struct, so it only calls into ruby once.
InitializeDefaultCredentials would call GetSslConfig with a host/port
and get back a key and cert for that host/port combination.

But if you do that it kind of makes sense to go ahead and have a
global config file that's not just for the ssl config.  It might come
in handy for other things and it would suck to have to rewrite it
later on.

I'm not much of a C programmer but I can probably do most of the grunt
work with a little guidance on how to structure it.

Chris
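
The Ruby side of the GetSslConfig idea discussed above could look like the following. This is an added example, not code from this thread or from EventMachine. The names `SslConfig`, `credentials_for`, `InsecureKeyFile` and the `ssl.yml` layout are assumptions. It goes slightly beyond the proposal by rejecting key files readable by group or others and keys that do not match their certificate.

```ruby
require "yaml"
require "openssl"
require "tmpdir"

class InsecureKeyFile < StandardError; end

# Hypothetical loader: the YAML file is parsed once, in the constructor, and
# host/port lookups are then answered from the in-memory table.
class SslConfig
  def initialize(path)
    @entries = YAML.safe_load(File.read(path)) || {}
  end

  # Returns [key, cert] for host:port, or nil when nothing is configured, so
  # the caller decides explicitly whether to fall back to a built-in default.
  def credentials_for(host, port)
    entry = @entries["#{host}:#{port}"]
    return nil unless entry
    key_path = entry.fetch("key")
    # A private key that group or others can access is rejected.
    raise InsecureKeyFile, "#{key_path} is accessible to group/others" if (File.stat(key_path).mode & 0o077) != 0
    key  = OpenSSL::PKey.read(File.read(key_path))
    cert = OpenSSL::X509::Certificate.new(File.read(entry.fetch("cert")))
    raise ArgumentError, "key does not match certificate" unless cert.check_private_key(key)
    [key, cert]
  end
end

# Constructed sample data: a throwaway self-signed certificate plus config.
def build_sample(dir)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=localhost")
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  paths = { "key" => File.join(dir, "server.key"), "cert" => File.join(dir, "server.crt") }
  File.write(paths["key"], key.to_pem, perm: 0o600)
  File.write(paths["cert"], cert.to_pem)
  File.write(File.join(dir, "ssl.yml"), { "localhost:8443" => paths }.to_yaml)
  File.join(dir, "ssl.yml")
end

if __FILE__ == $0
  Dir.mktmpdir { |d| p SslConfig.new(build_sample(d)).credentials_for("localhost", 8443).map(&:class) }
end
```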