diff options
| author | Marius Halden <marius.h@lden.org> | 2015-11-08 08:58:37 +0100 |
|---|---|---|
| committer | Marius Halden <marius.h@lden.org> | 2016-05-07 14:26:17 +0200 |
| commit | f6119b76d73b9cdff3cbfd902675a36bcacbcd48 (patch) | |
| tree | 6c6f1581fd53a5b3094bfdc46838c2c893760a20 /conf.c | |
| parent | f0ff36f558329d096526004d4d912973bafd3904 (diff) | |
Start adding ssl support
Diffstat (limited to 'conf.c')
| -rw-r--r-- | conf.c | 39 |
1 files changed, 39 insertions, 0 deletions
@@ -70,6 +70,11 @@ conf_t *conf_load(int argc, char *argv[]) conf->ft_listen = NULL; conf->protocols = NULL; conf->cafile = NULL; +#ifdef WITH_GNUTLS + conf->ssl = FALSE; + conf->ssl_cert = NULL; + conf->ssl_key = NULL; +#endif /* WITH_GNUTLS */ proxytype = 0; i = conf_loadini(conf, global.conf_file); @@ -171,6 +176,23 @@ conf_t *conf_load(int argc, char *argv[]) return NULL; } +#ifdef WITH_GNUTLS + if (conf->ssl && (!conf->ssl_cert || !conf->ssl_key)) { + fprintf(stderr, "Error: SSL enabled but cert or key is missing\n"); + return NULL; + } + + if (conf->ssl && conf->ssl_cert && access(conf->ssl_cert, R_OK) != 0) { + fprintf(stderr, "Error: Could not read SSL Cert %s: %s\n", conf->ssl_cert, strerror(errno)); + return NULL; + } + + if (conf->ssl && conf->ssl_key && access(conf->ssl_key, R_OK) != 0) { + fprintf(stderr, "Error: Could not read SSL Key %s: %s\n", conf->ssl_key, strerror(errno)); + return NULL; + } +#endif /* WITH_GNUTLS */ + return conf; } @@ -343,6 +365,23 @@ static int conf_loadini(conf_t *conf, char *file) } else if (g_strcasecmp(ini->key, "cafile") == 0) { g_free(conf->cafile); conf->cafile = g_strdup(ini->value); +#ifdef WITH_GNUTLS + } else if (g_strcasecmp(ini->key, "ssl") == 0) { + if (g_strcasecmp(ini->value, "true") == 0) { + conf->ssl = TRUE; + } else if (g_strcasecmp(ini->value, "false") == 0) { + conf->ssl = FALSE; + } else { + fprintf(stderr, "Invalid %s value: %s\n", ini->key, ini->value); + return 0; + } + } else if (g_strcasecmp(ini->key, "ssl_cert") == 0) { + g_free(conf->ssl_cert); + conf->ssl_cert; + } else if (g_strcasecmp(ini->key, "ssl_key") == 0) { + g_free(conf->ssl_key); + conf->ssl_key; +#endif /* WITH_GNUTLS */ } else { fprintf(stderr, "Error: Unknown setting `%s` in configuration file (line %d).\n", ini->key, ini->line); |