Use configPath to load TLS cert/priv

master
C. McEnroe 2020-08-20 14:56:13 -04:00
parent f432bd72fa
commit d9a0364cb4
3 changed files with 23 additions and 50 deletions

14
chat.c

@ -220,19 +220,7 @@ int main(int argc, char *argv[]) {
editCompleteAdd(); editCompleteAdd();
commandCompleteAdd(); commandCompleteAdd();
FILE *certFile = NULL; ircConfig(insecure, cert, priv);
FILE *privFile = NULL;
if (cert) {
certFile = configOpen(cert, "r");
if (!certFile) return EX_NOINPUT;
}
if (priv) {
privFile = configOpen(priv, "r");
if (!privFile) return EX_NOINPUT;
}
ircConfig(insecure, certFile, privFile);
if (certFile) fclose(certFile);
if (privFile) fclose(privFile);
uiInit(); uiInit();
if (save) { if (save) {

2
chat.h

@ -172,7 +172,7 @@ struct Message {
char *params[ParamCap]; char *params[ParamCap];
}; };
void ircConfig(bool insecure, FILE *cert, FILE *priv); void ircConfig(bool insecure, const char *cert, const char *priv);
int ircConnect(const char *bind, const char *host, const char *port); int ircConnect(const char *bind, const char *host, const char *port);
void ircRecv(void); void ircRecv(void);
void ircSend(const char *ptr, size_t len); void ircSend(const char *ptr, size_t len);
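Review bot: The new `ircConfig` prototype gives no hint that `cert` and `priv` are now names resolved through the configuration search path rather than open streams, or that either may be NULL. Going by the irc.c section of this commit, a NULL `priv` with a non-NULL `cert` makes the one file serve as both certificate and key. A short comment above the declaration would record that contract for callers, for example `// cert/priv: names looked up with configPath; either may be NULL, and cert alone is loaded as a combined keypair file`.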

55
irc.c

@ -27,6 +27,7 @@
#include <assert.h> #include <assert.h>
#include <err.h> #include <err.h>
#include <limits.h>
#include <netdb.h> #include <netdb.h>
#include <netinet/in.h> #include <netinet/in.h>
#include <stdarg.h> #include <stdarg.h>
@ -43,22 +44,7 @@
struct tls *client; struct tls *client;
static byte *readFile(size_t *len, FILE *file) { void ircConfig(bool insecure, const char *cert, const char *priv) {
struct stat stat;
int error = fstat(fileno(file), &stat);
if (error) err(EX_IOERR, "fstat");
byte *buf = malloc(stat.st_size);
if (!buf) err(EX_OSERR, "malloc");
rewind(file);
*len = fread(buf, 1, stat.st_size, file);
if (ferror(file)) err(EX_IOERR, "fread");
return buf;
}
void ircConfig(bool insecure, FILE *cert, FILE *priv) {
struct tls_config *config = tls_config_new(); struct tls_config *config = tls_config_new();
if (!config) errx(EX_SOFTWARE, "tls_config_new"); if (!config) errx(EX_SOFTWARE, "tls_config_new");
@ -75,29 +61,28 @@ void ircConfig(bool insecure, FILE *cert, FILE *priv) {
tls_config_insecure_noverifyname(config); tls_config_insecure_noverifyname(config);
} }
const char *path;
const char *dirs;
char buf[PATH_MAX];
if (cert) { if (cert) {
size_t len; dirs = NULL;
byte *buf = readFile(&len, cert); while (NULL != (path = configPath(buf, sizeof(buf), &dirs, cert))) {
error = tls_config_set_cert_mem(config, buf, len); if (priv) {
if (error) { error = tls_config_set_cert_file(config, path);
errx( } else {
EX_CONFIG, "tls_config_set_cert_mem: %s", error = tls_config_set_keypair_file(config, path, path);
tls_config_error(config) }
); if (!error) break;
}
if (error) errx(EX_NOINPUT, "%s: %s", cert, tls_config_error(config));
} }
if (priv) { if (priv) {
free(buf); dirs = NULL;
buf = readFile(&len, priv); while (NULL != (path = configPath(buf, sizeof(buf), &dirs, priv))) {
error = tls_config_set_key_file(config, path);
if (!error) break;
} }
error = tls_config_set_key_mem(config, buf, len); if (error) errx(EX_NOINPUT, "%s: %s", priv, tls_config_error(config));
if (error) {
errx(
EX_CONFIG, "tls_config_set_key_mem: %s",
tls_config_error(config)
);
}
explicit_bzero(buf, len);
free(buf);
} }
client = tls_client(); client = tls_client();
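Review bot: In the new `if (cert)` and `if (priv)` blocks, `error` is assigned only inside the `while` loops, so if `configPath` yields no candidate on its first call, the following `if (error) errx(...)` tests whatever value `error` held from earlier in `ircConfig` (its declaration is outside the visible hunks), and a requested client certificate or key could be skipped without a diagnostic. Putting `error = -1;` next to `dirs = NULL;` before each loop would make that case fatal, although `tls_config_error(config)` may then have no message, so the `errx` call would need a fallback string. The loops also drop every failure except the last and report only the bare `cert`/`priv` name, so an unreadable or malformed file in an earlier directory is silently passed over for one further along the search path; a `warnx("%s: %s", path, tls_config_error(config));` on each failed attempt would show which key material was actually tried and loaded. The old `explicit_bzero` of the key buffer is gone because libtls now reads the file itself; whether the config's copy is cleared after use (for example with `tls_config_clear_keys`) is not visible in this hunk.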