authorShauren <shauren.trinity@gmail.com>2023-07-26 20:59:15 +0200
committerShauren <shauren.trinity@gmail.com>2023-07-26 20:59:15 +0200
commitf94e341a0314bc956726e11dfb435e09b7ee696f (patch)
tree3a5d4860e87b27680b07914dfd8dd5f0372796ef /src/server/bnetserver
parentfb7bf0bfecfd258019a3809ef1fef71621176f98 (diff)
Core/Bnet: Support password protected private keys
Diffstat (limited to 'src/server/bnetserver')
-rw-r--r--src/server/bnetserver/Server/SslContext.cpp11
-rw-r--r--src/server/bnetserver/bnetserver.conf.dist7
2 files changed, 15 insertions, 3 deletions
diff --git a/src/server/bnetserver/Server/SslContext.cpp b/src/server/bnetserver/Server/SslContext.cpp
index d40698ef9f6..69cb1b1f8db 100644
--- a/src/server/bnetserver/Server/SslContext.cpp
+++ b/src/server/bnetserver/Server/SslContext.cpp
@@ -16,8 +16,8 @@
*/
#include "SslContext.h"
-#include "Log.h"
#include "Config.h"
+#include "Log.h"
bool Battlenet::SslContext::Initialize()
{
@@ -33,7 +33,12 @@ bool Battlenet::SslContext::Initialize()
std::string certificateChainFile = sConfigMgr->GetStringDefault("CertificatesFile", "./bnetserver.cert.pem");
std::string privateKeyFile = sConfigMgr->GetStringDefault("PrivateKeyFile", "./bnetserver.key.pem");
- LOAD_CHECK(instance().set_options(boost::asio::ssl::context::no_sslv3, err));
+ auto passwordCallback = [](std::size_t /*max_length*/, boost::asio::ssl::context::password_purpose /*purpose*/) -> std::string
+ {
+ return sConfigMgr->GetStringDefault("PrivateKeyPassword", "");
+ };
+
+ LOAD_CHECK(instance().set_password_callback(passwordCallback, err));
LOAD_CHECK(instance().use_certificate_chain_file(certificateChainFile, err));
LOAD_CHECK(instance().use_private_key_file(privateKeyFile, boost::asio::ssl::context::pem, err));
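Review bot: The new `passwordCallback` discards `max_length`, so a `PrivateKeyPassword` longer than the buffer OpenSSL provides would be shortened before use (as far as I recall, Asio copies at most `max_length - 1` bytes of the returned string). `use_private_key_file` would then fail with a decrypt error that does not point at the cause. Consider naming the parameter and logging when `password.size() >= max_length`, and adding a comment such as `// Returns the PEM passphrase from PrivateKeyPassword; only consulted when the key file is encrypted`. The lambda also returns the passphrase by value on every call, so unwiped copies stay in process memory; that is probably acceptable here but worth a line in the comment. `Initialize()` starts and ends outside this hunk.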
@@ -44,6 +49,6 @@ bool Battlenet::SslContext::Initialize()
boost::asio::ssl::context& Battlenet::SslContext::instance()
{
- static boost::asio::ssl::context context(boost::asio::ssl::context::sslv23);
+ static boost::asio::ssl::context context(boost::asio::ssl::context::tls);
return context;
}
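Review bot: `context::tls` on the new `static` line accepts any TLS version, and with `set_options(no_sslv3)` dropped from `Initialize()` in the previous hunk, no protocol floor is set anywhere in the visible code. As far as I know Asio's `tls` method already excludes SSLv2 and SSLv3, but TLS 1.0 and 1.1 remain negotiable. If the supported clients allow it, add `LOAD_CHECK(instance().set_options(boost::asio::ssl::context::no_tlsv1 | boost::asio::ssl::context::no_tlsv1_1, err));` in `Initialize()`; otherwise a short comment on why the older versions stay enabled would help. `Initialize()` is only partly visible, so options may already be set outside these hunks.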
diff --git a/src/server/bnetserver/bnetserver.conf.dist b/src/server/bnetserver/bnetserver.conf.dist
index 9aecb28297b..bd74ad5ab90 100644
--- a/src/server/bnetserver/bnetserver.conf.dist
+++ b/src/server/bnetserver/bnetserver.conf.dist
@@ -112,6 +112,13 @@ CertificatesFile = "./bnetserver.cert.pem"
PrivateKeyFile = "./bnetserver.key.pem"
#
+# PrivateKeyPassword
+# Description: Password used to encrypt private key.
+# Default: ""
+
+PrivateKeyPassword = ""
+
+#
# UseProcessors
# Description: Processors mask for Windows and Linux based multi-processor systems.
# Example: A computer with 2 CPUs:
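Review bot: The description on the added `PrivateKeyPassword` entry says the password is "used to encrypt" the key, but the server uses it to decrypt the key named by `PrivateKeyFile`. The entry also does not mention that this file now holds a secret in plain text. I would reword it to `# Description: Passphrase used to decrypt PrivateKeyFile; leave empty if the key is not encrypted.` and add `# Note: stored in plain text; restrict read access to this file to the account running the server.` Keeping the passphrase next to the key on the same host only protects the key if the config file has tighter permissions than the key file, which is worth stating for operators.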