author | C. McEnroe | 2020-08-20 14:56:13 -0400 |
---|---|---|
committer | C. McEnroe | 2020-08-20 14:56:13 -0400 |
commit | d9a0364cb4b917d775948f74f79ead206549d4e1 (patch) | |
tree | d417acd1e49560969e3b57d2b667bcad410e41cf /irc.c | |
parent | f432bd72fa30c75f215626abdaf9b41609c670df (diff) |
Use configPath to load TLS cert/priv
Diffstat (limited to 'irc.c')
-rw-r--r-- | irc.c | 57 |
1 files changed, 21 insertions, 36 deletions
diff --git a/irc.c b/irc.c
index 59b467c..b87351c 100644
--- a/irc.c
+++ b/irc.c
@@ -27,6 +27,7 @@
 #include <assert.h>
 #include <err.h>
+#include <limits.h>
 #include <netdb.h>
 #include <netinet/in.h>
 #include <stdarg.h>
@@ -43,22 +44,7 @@
 struct tls *client;
-static byte *readFile(size_t *len, FILE *file) {
- struct stat stat;
- int error = fstat(fileno(file), &stat);
- if (error) err(EX_IOERR, "fstat");
-
- byte *buf = malloc(stat.st_size);
- if (!buf) err(EX_OSERR, "malloc");
-
- rewind(file);
- *len = fread(buf, 1, stat.st_size, file);
- if (ferror(file)) err(EX_IOERR, "fread");
-
- return buf;
-}
-
-void ircConfig(bool insecure, FILE *cert, FILE *priv) {
+void ircConfig(bool insecure, const char *cert, const char *priv) {
 struct tls_config *config = tls_config_new();
 if (!config) errx(EX_SOFTWARE, "tls_config_new");
@@ -75,29 +61,28 @@ void ircConfig(bool insecure, FILE *cert, FILE *priv) {
 tls_config_insecure_noverifyname(config);
 }
+ const char *path;
+ const char *dirs;
+ char buf[PATH_MAX];
 if (cert) {
- size_t len;
- byte *buf = readFile(&len, cert);
- error = tls_config_set_cert_mem(config, buf, len);
- if (error) {
- errx(
- EX_CONFIG, "tls_config_set_cert_mem: %s",
- tls_config_error(config)
- );
- }
- if (priv) {
- free(buf);
- buf = readFile(&len, priv);
+ dirs = NULL;
+ while (NULL != (path = configPath(buf, sizeof(buf), &dirs, cert))) {
+ if (priv) {
+ error = tls_config_set_cert_file(config, path);
+ } else {
+ error = tls_config_set_keypair_file(config, path, path);
+ }
+ if (!error) break;
 }
- error = tls_config_set_key_mem(config, buf, len);
- if (error) {
- errx(
- EX_CONFIG, "tls_config_set_key_mem: %s",
- tls_config_error(config)
- );
+ if (error) errx(EX_NOINPUT, "%s: %s", cert, tls_config_error(config));
+ }
+ if (priv) {
+ dirs = NULL;
+ while (NULL != (path = configPath(buf, sizeof(buf), &dirs, priv))) {
+ error = tls_config_set_key_file(config, path);
+ if (!error) break;
 }
- explicit_bzero(buf, len);
- free(buf);
+ if (error) errx(EX_NOINPUT, "%s: %s", priv, tls_config_error(config));
 }
 client = tls_client(); |
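Review bot: In both lookup loops `error` is assigned only inside the `while` body, so if `configPath` yields no candidate on its first call the loop is skipped and the following `if (error) errx(...)` tests whatever `error` held before; it is declared and last set outside this hunk, presumably to 0, in which case the client certificate or key is silently left unconfigured. Setting `error = -1;` next to each `dirs = NULL;` would make a missing file fail closed, though the `errx` text then needs a fallback because `tls_config_error(config)` may have nothing to report. The loops also retry on any failure rather than only on a missing file, so a malformed or unreadable file in a higher-priority directory appears to fall through to a same-named file further down the search path and only the last attempt's error is reported; that deserves a comment, or a check if it is not intended. `ircConfig` begins and ends outside this hunk.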