EV-ClickHouse
view release on metacpan or search on metacpan
else
SSL_CTX_set_verify(self->ssl_ctx, SSL_VERIFY_PEER, NULL);
if (self->tls_ca_file) {
if (SSL_CTX_load_verify_locations(self->ssl_ctx, self->tls_ca_file, NULL) != 1) {
capture_tls_error(self);
fail_connection(self, "SSL_CTX_load_verify_locations failed");
return;
}
}
/* Mutual TLS: load client certificate + private key when both
* are configured. SSL_CTX_check_private_key verifies that the
* private key matches the loaded certificate's public half. */
if (self->tls_cert_file && self->tls_key_file) {
if (SSL_CTX_use_certificate_chain_file(self->ssl_ctx, self->tls_cert_file) != 1) {
capture_tls_error(self);
fail_connection(self, "SSL_CTX_use_certificate_chain_file failed");
return;
}
if (SSL_CTX_use_PrivateKey_file(self->ssl_ctx, self->tls_key_file, SSL_FILETYPE_PEM) != 1) {
capture_tls_error(self);
fail_connection(self, "SSL_CTX_use_PrivateKey_file failed");
return;
}
if (SSL_CTX_check_private_key(self->ssl_ctx) != 1) {
capture_tls_error(self);
fail_connection(self, "TLS client cert / private key mismatch");
return;
}
} else if (self->tls_cert_file || self->tls_key_file) {
fail_connection(self, "tls_cert_file and tls_key_file must both be set");
return;
}
self->ssl = SSL_new(self->ssl_ctx);
if (!self->ssl) {
( run in 1.017 second using v1.01-cache-2.11-cpan-13bb782fe5a )