authorC. McEnroe2020-08-20 14:56:13 -0400
committerC. McEnroe2020-08-20 14:56:13 -0400
commitd9a0364cb4b917d775948f74f79ead206549d4e1 (patch)
treed417acd1e49560969e3b57d2b667bcad410e41cf
parentf432bd72fa30c75f215626abdaf9b41609c670df (diff)
Use configPath to load TLS cert/priv
-rw-r--r--chat.c14
-rw-r--r--chat.h2
-rw-r--r--irc.c57
3 files changed, 23 insertions, 50 deletions
diff --git a/chat.c b/chat.c
index 2a16b06..6befdde 100644
--- a/chat.c
+++ b/chat.c
@@ -220,19 +220,7 @@ int main(int argc, char *argv[]) {
 	editCompleteAdd();
 	commandCompleteAdd();
 
-	FILE *certFile = NULL;
-	FILE *privFile = NULL;
-	if (cert) {
-		certFile = configOpen(cert, "r");
-		if (!certFile) return EX_NOINPUT;
-	}
-	if (priv) {
-		privFile = configOpen(priv, "r");
-		if (!privFile) return EX_NOINPUT;
-	}
-	ircConfig(insecure, certFile, privFile);
-	if (certFile) fclose(certFile);
-	if (privFile) fclose(privFile);
+	ircConfig(insecure, cert, priv);
 
 	uiInit();
 	if (save) {
diff --git a/chat.h b/chat.h
index 60273bc..6b4de93 100644
--- a/chat.h
+++ b/chat.h
@@ -172,7 +172,7 @@ struct Message {
 	char *params[ParamCap];
 };
 
-void ircConfig(bool insecure, FILE *cert, FILE *priv);
+void ircConfig(bool insecure, const char *cert, const char *priv);
 int ircConnect(const char *bind, const char *host, const char *port);
 void ircRecv(void);
 void ircSend(const char *ptr, size_t len);
diff --git a/irc.c b/irc.c
index 59b467c..b87351c 100644
--- a/irc.c
+++ b/irc.c
@@ -27,6 +27,7 @@
 
 #include <assert.h>
 #include <err.h>
+#include <limits.h>
 #include <netdb.h>
 #include <netinet/in.h>
 #include <stdarg.h>
@@ -43,22 +44,7 @@
 
 struct tls *client;
 
-static byte *readFile(size_t *len, FILE *file) {
-	struct stat stat;
-	int error = fstat(fileno(file), &stat);
-	if (error) err(EX_IOERR, "fstat");
-
-	byte *buf = malloc(stat.st_size);
-	if (!buf) err(EX_OSERR, "malloc");
-
-	rewind(file);
-	*len = fread(buf, 1, stat.st_size, file);
-	if (ferror(file)) err(EX_IOERR, "fread");
-
-	return buf;
-}
-
-void ircConfig(bool insecure, FILE *cert, FILE *priv) {
+void ircConfig(bool insecure, const char *cert, const char *priv) {
 	struct tls_config *config = tls_config_new();
 	if (!config) errx(EX_SOFTWARE, "tls_config_new");
 
@@ -75,29 +61,28 @@ void ircConfig(bool insecure, FILE *cert, FILE *priv) {
 		tls_config_insecure_noverifyname(config);
 	}
 
+	const char *path;
+	const char *dirs;
+	char buf[PATH_MAX];
 	if (cert) {
-		size_t len;
-		byte *buf = readFile(&len, cert);
-		error = tls_config_set_cert_mem(config, buf, len);
-		if (error) {
-			errx(
-				EX_CONFIG, "tls_config_set_cert_mem: %s",
-				tls_config_error(config)
-			);
-		}
-		if (priv) {
-			free(buf);
-			buf = readFile(&len, priv);
+		dirs = NULL;
+		while (NULL != (path = configPath(buf, sizeof(buf), &dirs, cert))) {
+			if (priv) {
+				error = tls_config_set_cert_file(config, path);
+			} else {
+				error = tls_config_set_keypair_file(config, path, path);
+			}
+			if (!error) break;
 		}
-		error = tls_config_set_key_mem(config, buf, len);
-		if (error) {
-			errx(
-				EX_CONFIG, "tls_config_set_key_mem: %s",
-				tls_config_error(config)
-			);
+		if (error) errx(EX_NOINPUT, "%s: %s", cert, tls_config_error(config));
+	}
+	if (priv) {
+		dirs = NULL;
+		while (NULL != (path = configPath(buf, sizeof(buf), &dirs, priv))) {
+			error = tls_config_set_key_file(config, path);
+			if (!error) break;
 		}
-		explicit_bzero(buf, len);
-		free(buf);
+		if (error) errx(EX_NOINPUT, "%s: %s", priv, tls_config_error(config));
 	}
 
 	client = tls_client();
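Review bot: Both search loops leave `error` holding whatever an earlier call in ircConfig stored if configPath() returns NULL on its first call, so when that value is 0 the `if (error) errx(...)` check passes and the client carries on without the certificate or key the user configured. Setting `error = -1;` next to each `dirs = NULL;` would make an empty search fail closed, although tls_config_error() may then have no message to print. When several directories are tried, the errx message carries only the last attempt's tls_config_error(), so an unreadable or malformed file found earlier in the search can be reported as a later path's failure. A comment above the loops such as `/* Try each configPath() candidate; the first one libtls loads wins. */` would document that behaviour. The declaration of `error` and the rest of ircConfig lie outside this hunk, so its value on entry to the loops is inferred rather than visible here.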