Support for loading a trusted CA file

externfn!(fn SSL_CTX_free(ctx: *SSL_CTX))

externfn!(fn SSL_CTX_set_verify(ctx: *SSL_CTX, mode: c_int,

                                verify_callback: Option<extern "C" fn(int, *X509_STORE_CTX) -> c_int>))

externfn!(fn SSL_CTX_load_verify_locations(ctx: *SSL_CTX, CAfile: *c_char,

                                           CApath: *c_char) -> c_int)

externfn!(fn SSL_new(ctx: *SSL_CTX) -> *SSL)

externfn!(fn SSL_free(ssl: *SSL))

    pub fn set_verify(&mut self, mode: SslVerifyMode) {

        unsafe { ffi::SSL_CTX_set_verify(self.ctx, mode as c_int, None) }

    }

    pub fn set_verify_locations(&mut self, CAfile: &str) {

        do CAfile.with_c_str |CAfile| {

            unsafe { ffi::SSL_CTX_load_verify_locations(self.ctx, CAfile,

                                                        ptr::null()); }

        }

    }

}

pub enum SslVerifyMode {

extern mod ssl;

use std::rt::io::{Writer, Reader};

use std::rt::io::extensions::{ReaderUtil};

use std::rt::io::Writer;

use std::rt::io::extensions::ReaderUtil;

use std::rt::io::net::tcp::TcpStream;

use std::vec;

use std::str;

use ssl::{Sslv23, SslCtx, SslStream, SslVerifyPeer};

}

#[test]

fn test_verify() {

fn test_verify_untrusted() {

    let stream = TcpStream::connect(FromStr::from_str("127.0.0.1:15418").unwrap()).unwrap();

    let mut ctx = SslCtx::new(Sslv23);

    ctx.set_verify(SslVerifyPeer);

    }

}

#[test]

fn test_verify_trusted() {

    let stream = TcpStream::connect(FromStr::from_str("127.0.0.1:15418").unwrap()).unwrap();

    let mut ctx = SslCtx::new(Sslv23);

    ctx.set_verify(SslVerifyPeer);

    ctx.set_verify_locations("cert.pem");

    match SslStream::new(ctx, stream) {

        Ok(_) => (),

        Err(err) => fail2!("Expected success, got {:?}", err)

    }

}

#[test]

fn test_write() {

    let stream = TcpStream::connect(FromStr::from_str("127.0.0.1:15418").unwrap()).unwrap();