Bridge client cert from SessionProxy to TLSBox

2018-08-23 17:42:30 +02:00 · 2018-08-23 17:42:30 +02:00 · a4c109a916
parent b7a48d4f4f
commit a4c109a916
2 changed files with 18 additions and 2 deletions
--- a/TunnelKit/Sources/Core/SessionProxy+Configuration.swift
+++ b/TunnelKit/Sources/Core/SessionProxy+Configuration.swift
@ -91,6 +91,12 @@ extension SessionProxy {
 //        @available(*, deprecated)
        public var LZOFraming: Bool
    
+        /// The path to the optional client certificate for TLS negotiation (PEM format).
+        public var clientCertificatePath: String?
+        
+        /// The path to the private key for the certificate at `clientCertificatePath` (PEM format).
+        public var clientKeyPath: String?
+        
        /// Sends periodical keep-alive packets if set.
        public var keepAliveInterval: TimeInterval?
        
@ -104,6 +110,8 @@ extension SessionProxy {
            cipher = .aes128cbc
            digest = .sha1
            caPath = nil
+            clientCertificatePath = nil
+            clientKeyPath = nil
            LZOFraming = false
            keepAliveInterval = nil
            renegotiatesAfter = nil
@ -121,6 +129,8 @@ extension SessionProxy {
                cipher: cipher,
                digest: digest,
                caPath: caPath,
+                clientCertificatePath: clientCertificatePath,
+                clientKeyPath: clientKeyPath,
                LZOFraming: LZOFraming,
                keepAliveInterval: keepAliveInterval,
                renegotiatesAfter: renegotiatesAfter
@ -146,6 +156,12 @@ extension SessionProxy {
        /// - Seealso: `SessionProxy.ConfigurationBuilder.caPath`
        public let caPath: String?
        
+        /// - Seealso: `SessionProxy.ConfigurationBuilder.clientCertificatePath`
+        public let clientCertificatePath: String?
+        
+        /// - Seealso: `SessionProxy.ConfigurationBuilder.clientKeyPath`
+        public let clientKeyPath: String?
+        
        /// - Seealso: `SessionProxy.ConfigurationBuilder.LZOFraming`
        public let LZOFraming: Bool

--- a/TunnelKit/Sources/Core/SessionProxy.swift
+++ b/TunnelKit/Sources/Core/SessionProxy.swift
@ -769,8 +769,8 @@ public class SessionProxy {

            negotiationKey.tlsOptional = TLSBox(
                caPath: configuration.caPath,
-                clientCertificatePath: nil,
-                clientKeyPath: nil
+                clientCertificatePath: configuration.clientCertificatePath,
+                clientKeyPath: configuration.clientKeyPath
            )
            do {
                try negotiationKey.tls.start()