From 97c50f9dfedc863df2f7296a8094dff8de90ebbc Mon Sep 17 00:00:00 2001
From: liuziheng
Date: Sun, 22 Oct 2023 22:50:37 +0800
Subject: [PATCH] support multi cert

Signed-off-by: liuziheng
---
 .../examples/async_https_outside.rs | 3 ++
 .../src/util/c_openssl/adapter.rs | 40 +++++++++++++++----
 2 files changed, 35 insertions(+), 8 deletions(-)

diff --git a/ylong_http_client/examples/async_https_outside.rs b/ylong_http_client/examples/async_https_outside.rs
index 1fca795..16a6f16 100644
--- a/ylong_http_client/examples/async_https_outside.rs
+++ b/ylong_http_client/examples/async_https_outside.rs
@@ -10,6 +10,9 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
+
+//! This is a simple asynchronous HTTPS client example.
+
 #[cfg(feature = "tokio_base")]
 use ylong_http_client::async_impl::{Client, Downloader};
 #[cfg(feature = "tokio_base")]
diff --git a/ylong_http_client/src/util/c_openssl/adapter.rs b/ylong_http_client/src/util/c_openssl/adapter.rs
index e4d6708..dd335f4 100644
--- a/ylong_http_client/src/util/c_openssl/adapter.rs
+++ b/ylong_http_client/src/util/c_openssl/adapter.rs
@@ -41,6 +41,7 @@ pub struct TlsConfigBuilder {
 inner: Result,
 use_sni: bool,
 verify_hostname: bool,
+ certs_list: Vec,
 }

 impl TlsConfigBuilder {
@@ -58,6 +59,7 @@ impl TlsConfigBuilder {
 inner: SslContext::builder(SslMethod::tls_client()),
 use_sni: true,
 verify_hostname: true,
+ certs_list: vec![],
 }
 }

@@ -214,13 +216,28 @@ impl TlsConfigBuilder {
 }

 /// Adds custom root certificate.
- pub fn add_root_certificates(mut self, certs: Certificate) -> Self {
- for cert in certs.inner {
- self.inner = self.inner.and_then(|mut builder| {
- { Ok(builder.cert_store_mut()).map(|store| store.add_cert(cert.0)) }
- .map(|_| builder)
- });
- }
+ ///
+ /// # Examples
+ ///
+ /// ```
+ /// use ylong_http_client::async_impl::Client;
+ /// use ylong_http_client::{Certificate, TlsVersion};
+ ///
+ /// let cert1 = Certificate::from_pem(include_bytes!("../../../tests/file/root-ca.pem"))?;
+ /// let cert2 = Certificate::from_pem(include_bytes!("../../../tests/file/cert.pem"))?;
+ ///
+ /// // Creates a `Client`
+ /// let client = Client::builder()
+ /// .tls_built_in_root_certs(false)
+ /// .danger_accept_invalid_certs(false)
+ /// .max_tls_version(TlsVersion::TLS_1_2)
+ /// .min_tls_version(TlsVersion::TLS_1_2)
+ /// .add_root_certificate(cert1)
+ /// .add_root_certificate(cert2)
+ /// .build()?;
+ /// ```
+ pub fn add_root_certificates(mut self, mut certs: Certificate) -> Self {
+ self.certs_list.append(&mut certs.inner);
 self
 }

@@ -363,7 +380,14 @@ impl TlsConfigBuilder {
 /// .cipher_list("DEFAULT:!aNULL:!eNULL:!MD5:!3DES:!DES:!RC4:!IDEA:!SEED:!aDSS:!SRP:!PSK")
 /// .build();
 /// ```
- pub fn build(self) -> Result {
+ pub fn build(mut self) -> Result {
+ for cert in self.certs_list {
+ self.inner = self.inner.and_then(|mut builder| {
+ { Ok(builder.cert_store_mut()).map(|store| store.add_cert(cert.0)) }
+ .map(|_| builder)
+ });
+ }
+
 let ctx = self
 .inner
 .map(|builder| builder.build())
--
Gitee
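Review bot: The doc example added above `add_root_certificates` in the `@@ -214,13 +216,28 @@` hunk calls `.add_root_certificate(cert1)` (singular) on `Client::builder()`, so it does not exercise the `TlsConfigBuilder` method it documents. Its bare `?` lines also need a hidden `Result`-returning wrapper (or an `ignore` fence tag) for the doctest to compile. The summary line should say that certificates are now only queued and reach the store in `build()`, for example `/// Queues custom root certificates; they are added to the certificate store when build() is called.` Every certificate passed here becomes a trust anchor, so the doc should say that only CA certificates the caller means to trust belong here; the example's `cert.pem` may be a leaf certificate, which is worth confirming.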
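Review bot: The loop moved into `build()` in the `@@ -363,7 +380,14 @@` hunk still discards the result of `store.add_cert(cert.0)`: the call is wrapped in `Ok(...).map(...)` and its value is then dropped by `.map(|_| builder)`, so a root certificate that fails to load appears to be skipped silently and the context is built without that trust anchor. Assuming `add_cert` returns a `Result` with the same error type as `self.inner` (its signature is not visible here), propagate it instead: `self.inner = self.inner.and_then(|mut builder| builder.cert_store_mut().add_cert(cert.0).map(|_| builder));`. With the error swallowed, the failure only surfaces later as a handshake verification error, far from its cause. The body of `build` continues past the end of the hunk.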