From d307fab507804344e283137d05bbdd7493f23233 Mon Sep 17 00:00:00 2001
From: jesopo <github@lolnerd.net>
Date: Mon, 17 Sep 2018 10:55:39 +0100
Subject: [PATCH] Add support for TLS client certificate/key

---
 IRCServer.py     | 7 +++++++
 bot.conf.example | 2 ++
 2 files changed, 9 insertions(+)

diff --git a/IRCServer.py b/IRCServer.py
index fe77e771..a94567b9 100644
--- a/IRCServer.py
+++ b/IRCServer.py
@@ -85,8 +85,15 @@ class Server(object):
         context.options |= ssl.OP_NO_SSLv2
         context.options |= ssl.OP_NO_SSLv3
         context.options |= ssl.OP_NO_TLSv1
+
         context.load_default_certs()
         context.verify_mode = ssl.CERT_REQUIRED
+
+        client_certificate = self.bot.config.get("ssl-certificate", None)
+        client_key = self.bot.config.get("ssl-key", None)
+        if client_certificate and client_key:
+            context.load_cert_chain(client_certificate, keyfile=client_key)
+
         self.socket = context.wrap_socket(self.socket)
 
     def connect(self):
diff --git a/bot.conf.example b/bot.conf.example
index 0fafb253..91a94f8b 100644
--- a/bot.conf.example
+++ b/bot.conf.example
@@ -1,4 +1,6 @@
 [bot]
+ssl-certificate          =
+ssl-key                  =
 openweathermap-api-key   =
 wolframalpha-api-key     =
 google-api-key           =