diff options
| author | jsing <> | 2016-07-06 16:16:36 +0000 |
|---|---|---|
| committer | jsing <> | 2016-07-06 16:16:36 +0000 |
| commit | c6881b696b1fa5d3e6966b53235e4c76d0574048 (patch) | |
| tree | dd36a8def4c5396baa868a5a3d3d3fa3785f19dd /src/lib/libtls/tls_internal.h | |
| parent | c6b61bddec1634e2d244575d39a9e88063218f88 (diff) | |
| download | openbsd-c6881b696b1fa5d3e6966b53235e4c76d0574048.tar.gz openbsd-c6881b696b1fa5d3e6966b53235e4c76d0574048.tar.bz2 openbsd-c6881b696b1fa5d3e6966b53235e4c76d0574048.zip | |
Always load CA, key and certificate files at the time the configuration
function is called. This simplifies code and results in a single memory
based code path being used to provide data to libssl. Errors that occur
when accessing the specified file are now detected and propagated
immediately. Since the file access now occurs when the configuration
function is called, we now play nicely with privsep/pledge.
ok beck@ bluhm@ doug@
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libtls/tls_internal.h | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/src/lib/libtls/tls_internal.h b/src/lib/libtls/tls_internal.h index 745fb40c76..b7a1530c96 100644 --- a/src/lib/libtls/tls_internal.h +++ b/src/lib/libtls/tls_internal.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls_internal.h,v 1.29 2016/05/27 14:38:40 jsing Exp $ */ | 1 | /* $OpenBSD: tls_internal.h,v 1.30 2016/07/06 16:16:36 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org> | 3 | * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org> |
| 4 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | 4 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
| @@ -42,10 +42,8 @@ struct tls_error { | |||
| 42 | struct tls_keypair { | 42 | struct tls_keypair { |
| 43 | struct tls_keypair *next; | 43 | struct tls_keypair *next; |
| 44 | 44 | ||
| 45 | const char *cert_file; | ||
| 46 | char *cert_mem; | 45 | char *cert_mem; |
| 47 | size_t cert_len; | 46 | size_t cert_len; |
| 48 | const char *key_file; | ||
| 49 | char *key_mem; | 47 | char *key_mem; |
| 50 | size_t key_len; | 48 | size_t key_len; |
| 51 | }; | 49 | }; |
| @@ -53,7 +51,6 @@ struct tls_keypair { | |||
| 53 | struct tls_config { | 51 | struct tls_config { |
| 54 | struct tls_error error; | 52 | struct tls_error error; |
| 55 | 53 | ||
| 56 | const char *ca_file; | ||
| 57 | const char *ca_path; | 54 | const char *ca_path; |
| 58 | char *ca_mem; | 55 | char *ca_mem; |
| 59 | size_t ca_len; | 56 | size_t ca_len; |