Add PKCS11 URL as a possible TLS key

The current interface expects a file name for the key. This commit allows a PKCS11 URL to pass the setter validation. The API can be used as in this example: mosquitto_tls_set(mosq, cafile, capath, certfile, "pkcs11:token=...", pw_callback); mosquitto_string_option(mosq, MOSQ_OPT_TLS_ENGINE, "pkcs11"); mosquitto_string_option(mosq, MOSQ_OPT_TLS_KEYFORM, "engine"); Signed-off-by: Matt Woelfel <[email protected]>
eclipse · Sep 9, 2020 · 99aa723 · 99aa723
1 parent cd33670
commit 99aa723
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/lib/options.c b/lib/options.c
@@ -175,6 +175,7 @@ int mosquitto_tls_set(struct mosquitto *mosq, const char *cafile, const char *ca
  fptr = mosquitto__fopen(keyfile, "rt", false);
  if(fptr){
  fclose(fptr);
+ }else if (!strncmp(keyfile, "pkcs11:", strlen("pkcs11:"))){
  }else{
  mosquitto__free(mosq->tls_cafile);
  mosq->tls_cafile = NULL;