authorLuke Bratch <luke@bratch.co.uk>2019-05-12 21:41:49 +0100
committerLuke Bratch <luke@bratch.co.uk>2019-05-12 21:41:49 +0100
commit9064f7b9c347f913089bfea94d65ad3afc11ccf4 (patch)
treeeb323c6c20fd000461053d44f7fc2be5fd76df50
parent03b15b2a99dee16998d08e17652bb49555c8560d (diff)
Make certificate and key file paths configurable.
-rw-r--r--blabouncer.c16
-rw-r--r--blabouncer.conf6
-rw-r--r--sockets.c6
-rw-r--r--sockets.h2
4 files changed, 25 insertions, 5 deletions
diff --git a/blabouncer.c b/blabouncer.c
index 13e91c1..dcfdd1b 100644
--- a/blabouncer.c
+++ b/blabouncer.c
@@ -104,6 +104,8 @@ struct settings {
char ircserver[HOST_NAME_MAX];
char ircserverport[MAXPORTLEN];
char conffile[PATH_MAX];
+ char certfile[PATH_MAX];
+ char keyfile[PATH_MAX];
};
// Return index of requested client FD within arr_clients
@@ -1080,7 +1082,7 @@ void dochat(int *serversockfd, int *clientsockfd, struct settings *settings) {
// Initialise OpenSSL
init_openssl();
ctx = create_context();
- configure_context(ctx);
+ configure_context(ctx, settings->certfile, settings->keyfile);
while (1) {
printf("top of loop, fdmax %d.\n", fdmax);
@@ -1328,6 +1330,18 @@ int main(int argc, char *argv[]) {
exit(1);
}
+ // What is the certificate file path?
+ if (!getconfstr("certfile", settings.conffile, settings.certfile)) {
+ printf("main(): error getting 'certfile' from configuration file.\n");
+ exit(1);
+ }
+
+ // What is the certificate key file path?
+ if (!getconfstr("keyfile", settings.conffile, settings.keyfile)) {
+ printf("main(): error getting 'keyfile' from configuration file.\n");
+ exit(1);
+ }
+
// TODO: see if any of this can be shared (i.e. 1. avoid code duplication, and 2. see if variables can be shared between client/server sockets)
// TODO: track fdmax - kind of doing this now with arr_clients and num_clients but might be pointlessly tracking both in some places (?)
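Review bot: Both added getconfstr() calls pass settings.certfile and settings.keyfile without a buffer length, so nothing in this hunk shows that a long value in the configuration file is bounded to PATH_MAX. getconfstr's definition is outside the hunk and should be checked; I would record the requirement at the call site, e.g. `// getconfstr() must copy at most PATH_MAX bytes (including the NUL) into the destination`. The two new error messages go to stdout via printf, while configure_context in sockets.c reports to stderr; `fprintf(stderr, ...)` would keep start-up failures in one stream. main's body begins and ends outside the hunk.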
diff --git a/blabouncer.conf b/blabouncer.conf
index 466fb37..3428960 100644
--- a/blabouncer.conf
+++ b/blabouncer.conf
@@ -22,3 +22,9 @@ ircserver = "irc.blatech.net"
# Real IRC server port
ircserverport = "6667"
+
+# Certificate file
+certfile = "cert.pem"
+
+# Certificate key file
+keyfile = "key.pem"
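Review bot: The sample values `cert.pem` and `key.pem` are relative paths, and the comments do not say what they are resolved against. As far as this diff shows they are passed unchanged to OpenSSL, so the files loaded would depend on the directory the bouncer is started from. I would expand the key comment to something like `# Certificate key file (PEM); use an absolute path and keep the file readable only by the user running blabouncer`, and give the `certfile` comment the same path advice.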
diff --git a/sockets.c b/sockets.c
index fd733b8..0f78b21 100644
--- a/sockets.c
+++ b/sockets.c
@@ -151,16 +151,16 @@ SSL_CTX *create_context() {
return ctx;
}
-void configure_context(SSL_CTX *ctx) {
+void configure_context(SSL_CTX *ctx, char *certfile, char *keyfile) {
SSL_CTX_set_ecdh_auto(ctx, 1);
/* Set the key and cert */
- if (SSL_CTX_use_certificate_file(ctx, "cert.pem", SSL_FILETYPE_PEM) <= 0) {
+ if (SSL_CTX_use_certificate_file(ctx, certfile, SSL_FILETYPE_PEM) <= 0) {
ERR_print_errors_fp(stderr);
exit(EXIT_FAILURE);
}
- if (SSL_CTX_use_PrivateKey_file(ctx, "key.pem", SSL_FILETYPE_PEM) <= 0 ) {
+ if (SSL_CTX_use_PrivateKey_file(ctx, keyfile, SSL_FILETYPE_PEM) <= 0 ) {
ERR_print_errors_fp(stderr);
exit(EXIT_FAILURE);
}
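Review bot: When either load fails, the only output is the OpenSSL error queue from ERR_print_errors_fp, which does not name the configuration key (certfile or keyfile) at fault now that both paths come from the config file. A line before each exit, such as `fprintf(stderr, "configure_context(): failed to load certificate file '%s'\n", certfile);` and the equivalent for keyfile, would make a wrong path or an unreadable key easier to diagnose. Neither path is written through in the visible lines, so the parameters could be `const char *certfile, const char *keyfile`, with the prototype in sockets.h changed to match. configure_context's closing brace is outside the hunk.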
diff --git a/sockets.h b/sockets.h
index 523d609..c342de2 100644
--- a/sockets.h
+++ b/sockets.h
@@ -32,6 +32,6 @@ void cleanup_openssl();
SSL_CTX *create_context();
-void configure_context(SSL_CTX *ctx);
+void configure_context(SSL_CTX *ctx, char *certfile, char *keyfile);
#endif