From d307fab507804344e283137d05bbdd7493f23233 Mon Sep 17 00:00:00 2001
From: jesopo
Date: Mon, 17 Sep 2018 10:55:39 +0100
Subject: Add support for TLS client certificate/key

---
 IRCServer.py | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'IRCServer.py')

diff --git a/IRCServer.py b/IRCServer.py
index fe77e771..a94567b9 100644
--- a/IRCServer.py
+++ b/IRCServer.py
@@ -85,8 +85,15 @@ class Server(object):
         context.options |= ssl.OP_NO_SSLv2
         context.options |= ssl.OP_NO_SSLv3
         context.options |= ssl.OP_NO_TLSv1
+
         context.load_default_certs()
         context.verify_mode = ssl.CERT_REQUIRED
+
+        client_certificate = self.bot.config.get("ssl-certificate", None)
+        client_key = self.bot.config.get("ssl-key", None)
+        if client_certificate and client_key:
+            context.load_cert_chain(client_certificate, keyfile=client_key)
+
         self.socket = context.wrap_socket(self.socket)
 
     def connect(self):
-- 
cgit v1.3.1-10-gc9f91