From f43a5a005c42ac8b5af245c3cce3945ab9e024e3 Mon Sep 17 00:00:00 2001
From: Sergey Lyubka <valenok@gmail.com>
Date: Tue, 14 Dec 2021 13:04:11 +0000
Subject: [PATCH] Introduce custom TLS init function

---
 mongoose.c        | 6 ++++++
 mongoose.h        | 1 +
 src/tls.h         | 1 +
 src/tls_mbed.c    | 3 +++
 src/tls_openssl.c | 3 +++
 5 files changed, 14 insertions(+)

diff --git a/mongoose.c b/mongoose.c
index 86326a58..2b74754a 100644
--- a/mongoose.c
+++ b/mongoose.c
@@ -3780,6 +3780,9 @@ void mg_tls_init(struct mg_connection *c, struct mg_tls_opts *opts) {
   if (tls == NULL) {
     mg_error(c, "TLS OOM");
     goto fail;
+  } else if (opts->ifn != NULL && opts->ifn(opts) != 0) {
+    mg_error(c, "TLS custom init failed");
+    goto fail;
   }
   LOG(LL_DEBUG, ("%lu Setting TLS, CA: %s, CRL: %s, cert: %s, key: %s", c->id,
                  ca, crl, cert, certkey));
@@ -3945,6 +3948,9 @@ void mg_tls_init(struct mg_connection *c, struct mg_tls_opts *opts) {
   if (tls == NULL) {
     mg_error(c, "TLS OOM");
     goto fail;
+  } else if (opts->ifn != NULL && opts->ifn(opts) != 0) {
+    mg_error(c, "TLS custom init failed");
+    goto fail;
   }
 
   if (!s_initialised) {
diff --git a/mongoose.h b/mongoose.h
index 7599767e..02c89347 100644
--- a/mongoose.h
+++ b/mongoose.h
@@ -930,6 +930,7 @@ struct mg_tls_opts {
   const char *certkey;    // Certificate key
   const char *ciphers;    // Cipher list
   struct mg_str srvname;  // If not empty, enables server name verification
+  int (*ifn)(struct mg_tls_opts *);  // Custom init func. Return 0 on success
 };
 
 void mg_tls_init(struct mg_connection *, struct mg_tls_opts *);
diff --git a/src/tls.h b/src/tls.h
index 704c366e..41662147 100644
--- a/src/tls.h
+++ b/src/tls.h
@@ -11,6 +11,7 @@ struct mg_tls_opts {
   const char *certkey;    // Certificate key
   const char *ciphers;    // Cipher list
   struct mg_str srvname;  // If not empty, enables server name verification
+  int (*ifn)(struct mg_tls_opts *);  // Custom init func. Return 0 on success
 };
 
 void mg_tls_init(struct mg_connection *, struct mg_tls_opts *);
diff --git a/src/tls_mbed.c b/src/tls_mbed.c
index f1dc8b3c..cfe192e0 100644
--- a/src/tls_mbed.c
+++ b/src/tls_mbed.c
@@ -58,6 +58,9 @@ void mg_tls_init(struct mg_connection *c, struct mg_tls_opts *opts) {
   if (tls == NULL) {
     mg_error(c, "TLS OOM");
     goto fail;
+  } else if (opts->ifn != NULL && opts->ifn(opts) != 0) {
+    mg_error(c, "TLS custom init failed");
+    goto fail;
   }
   LOG(LL_DEBUG, ("%lu Setting TLS, CA: %s, CRL: %s, cert: %s, key: %s", c->id,
                  ca, crl, cert, certkey));
diff --git a/src/tls_openssl.c b/src/tls_openssl.c
index 0772f7ff..bc69b7e5 100644
--- a/src/tls_openssl.c
+++ b/src/tls_openssl.c
@@ -28,6 +28,9 @@ void mg_tls_init(struct mg_connection *c, struct mg_tls_opts *opts) {
   if (tls == NULL) {
     mg_error(c, "TLS OOM");
     goto fail;
+  } else if (opts->ifn != NULL && opts->ifn(opts) != 0) {
+    mg_error(c, "TLS custom init failed");
+    goto fail;
   }
 
   if (!s_initialised) {