+static unsigned long id_callback(void)
+{
+ return (unsigned long) pthread_self();
+}
+
+ /*
+ * Set up the cert things on the server side. We do need both the
+ * private key (in key_file) and the cert (in cert_file).
+ * Both files may be identical.
+ *
+ * This function is taken from OpenSSL apps/s_cb.c
+ */
+
+static int set_cert_stuff(SSL_CTX * ctx,
+ const char *cert_file, const char *key_file)
+{
+ if (cert_file != NULL) {
+ if (SSL_CTX_use_certificate_file(ctx, cert_file,
+ SSL_FILETYPE_PEM) <= 0) {
+ lprintf(3, "unable to get certificate from '%s'",
+ cert_file);
+ return (0);
+ }
+ if (key_file == NULL)
+ key_file = cert_file;
+ if (SSL_CTX_use_PrivateKey_file(ctx, key_file,
+ SSL_FILETYPE_PEM) <= 0) {
+ lprintf(3, "unable to get private key from '%s'",
+ key_file);
+ return (0);
+ }
+ /* Now we know that a key and cert have been set against
+ * the SSL context */
+ if (!SSL_CTX_check_private_key(ctx)) {
+ lprintf(3,
+ "Private key does not match the certificate public key");
+ return (0);
+ }
+ }
+ return (1);