M: rsa dispose* handle>> RSA_free ;
+: needs-rsa-key ( ctx -- ? )
+ handle>> SSL_CTX_need_tmp_rsa 0 = not ; inline
+
: generate-eph-rsa-key ( ctx -- )
- [ handle>> ]
- [| ctx |
- RSA_new :> rsa-struct
- rsa-struct
- ctx config>> ephemeral-key-bits>>
- RSA_F4 number>bn &BN_clear_free
- f RSA_generate_key_ex
- ssl-error rsa-struct <rsa> &dispose handle>>
- ] bi
- SSL_CTX_set_tmp_rsa ssl-error ;
+ dup needs-rsa-key [
+ [ handle>> ]
+ [| ctx |
+ RSA_new :> rsa-struct
+ rsa-struct
+ ctx config>> ephemeral-key-bits>>
+ RSA_F4 number>bn &BN_clear_free
+ f RSA_generate_key_ex
+ ssl-error rsa-struct <rsa> &dispose handle>>
+ ] bi
+ SSL_CTX_set_tmp_rsa ssl-error ] [ drop ] if ;
: <openssl-context> ( config ctx -- context )
openssl-context new-disposable
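Review bot: `needs-rsa-key` and the new `[ drop ]` branch in `generate-eph-rsa-key` carry no comment explaining why skipping key generation is safe, and that reasoning is security-relevant. OpenSSL documents `SSL_CTX_need_tmp_rsa` as returning 1 only when a temporary RSA key is required for the strength-limited export RSA suites, so I would add above `needs-rsa-key` something like `! True when OpenSSL would need a temporary RSA key (export-grade RSA suites only); otherwise generation is skipped.` If the generating branch is ever taken, export suites are presumably still negotiable on this context; the cipher list is not visible here, so please confirm they are excluded. As a style point, `0 = not` reads more idiomatically as `zero? not`. The definition of `<openssl-context>` continues outside the hunk.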
FUNCTION: void* BIO_f_ssl ( )
+: SSL_CTX_need_tmp_rsa ( ctx -- n )
+ SSL_CTRL_NEED_TMP_RSA 0 f SSL_CTX_ctrl ;
+
: SSL_CTX_set_tmp_rsa ( ctx rsa -- n )
[ SSL_CTRL_SET_TMP_RSA 0 ] dip SSL_CTX_ctrl ;
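Review bot: `SSL_CTX_need_tmp_rsa` relies on `SSL_CTRL_NEED_TMP_RSA`, whose definition is not in the visible lines, so confirm the constant is declared alongside `SSL_CTRL_SET_TMP_RSA` in this file. A one-line comment would also help callers, e.g. `! Returns 1 if the context still needs a temporary RSA key, 0 otherwise.`, since the `n` in the stack effect does not say the result is a yes/no answer rather than an error code.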