diff --git a/spectrum/src/sample.cfg b/spectrum/src/sample.cfg index 84067742..85030ced 100644 --- a/spectrum/src/sample.cfg +++ b/spectrum/src/sample.cfg @@ -6,6 +6,8 @@ port = 5222 server_mode = 1 backend_host=localhost # < this option doesn't work yet backend_port=10001 +#cert= #patch to PKCS#12 certificate +#cert_password= #password to that certificate if any users_per_backend=2 backend=../../backends/libpurple/libpurple_backend #backend=../../backends/libircclient-qt/libircclient-qt_backend diff --git a/src/config.cpp b/src/config.cpp index 22931b1a..c7ead4ca 100644 --- a/src/config.cpp +++ b/src/config.cpp @@ -42,6 +42,8 @@ bool Config::load(const std::string &configfile, boost::program_options::options ("service.users_per_backend", value()->default_value(100), "Number of users per one legacy network backend") ("service.backend_host", value()->default_value("localhost"), "Host to bind backend server to") ("service.backend_port", value()->default_value("10000"), "Port to bind backend server to") + ("service.cert", value()->default_value(""), "PKCS#12 Certificate.") + ("service.cert_password", value()->default_value(""), "PKCS#12 Certificate password.") ("registration.enable_public_registration", value()->default_value(true), "True if users should be able to register.") ("registration.language", value()->default_value("en"), "Default language for registration form") ("registration.instructions", value()->default_value(""), "Instructions showed to user in registration form") diff --git a/src/transport.cpp b/src/transport.cpp index 82a5d68a..4695b9a2 100644 --- a/src/transport.cpp +++ b/src/transport.cpp @@ -71,8 +71,10 @@ Component::Component(Swift::EventLoop *loop, Config *config, Factory *factory) { if (CONFIG_BOOL(m_config, "service.server_mode")) { m_userRegistry = new MyUserRegistry(this); m_server = new Swift::Server(loop, m_factories, m_userRegistry, m_jid, CONFIG_INT(m_config, "service.port")); - TLSServerContextFactory *f = new OpenSSLServerContextFactory(); -// m_server->addTLSEncryption(f, PKCS12Certificate("localhost.p12", createSafeByteArray(""))); + if (!CONFIG_STRING(m_config, "service.cert").empty()) { + TLSServerContextFactory *f = new OpenSSLServerContextFactory(); + m_server->addTLSEncryption(f, PKCS12Certificate(CONFIG_STRING(m_config, "service.cert"), createSafeByteArray(CONFIG_STRING(m_config, "service.cert_password")))); + } m_server->start(); m_stanzaChannel = m_server->getStanzaChannel(); m_iqRouter = m_server->getIQRouter();