From: Sebastian Harl Date: Wed, 18 Feb 2015 12:05:24 +0000 (+0100) Subject: store::network: Added support for SSL configuration options. X-Git-Tag: sysdb-0.7.0~4 X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=566874e57ea5c80fe32fc2986afb3e6563cded9f;p=sysdb.git store::network: Added support for SSL configuration options. --- diff --git a/src/plugins/store/network.c b/src/plugins/store/network.c index 9f55d23..2d41bae 100644 --- a/src/plugins/store/network.c +++ b/src/plugins/store/network.c @@ -35,6 +35,7 @@ #include "utils/error.h" #include "utils/proto.h" #include "utils/os.h" +#include "utils/ssl.h" #include "liboconfig/utils.h" @@ -54,6 +55,7 @@ typedef struct { sdb_client_t *client; char *addr; char *username; + sdb_ssl_options_t ssl_opts; } user_data_t; #define UD(obj) ((user_data_t *)(obj)) #define CLIENT(obj) UD(SDB_OBJ_WRAPPER(obj)->data)->client @@ -76,6 +78,8 @@ user_data_destroy(void *obj) free(ud->username); ud->username = NULL; + sdb_ssl_free_options(&ud->ssl_opts); + free(ud); } /* user_data_destroy */ @@ -223,7 +227,7 @@ store_config_server(oconfig_item_t *ci) { sdb_object_t *user_data; user_data_t *ud; - + int ret = 0; int i; ud = calloc(1, sizeof(*ud)); @@ -261,20 +265,55 @@ store_config_server(oconfig_item_t *ci) for (i = 0; i < ci->children_num; ++i) { oconfig_item_t *child = ci->children + i; - - if (! strcasecmp(child->key, "Username")) - oconfig_get_string(child, &ud->username); + char *tmp = NULL; + + if (! strcasecmp(child->key, "Username")) { + if (oconfig_get_string(child, &tmp)) { + ret = -1; + break; + } + ud->username = strdup(tmp); + } + else if (! strcasecmp(child->key, "SSLCertificate")) { + if (oconfig_get_string(child, &tmp)) { + ret = -1; + break; + } + ud->ssl_opts.cert_file = strdup(tmp); + } + else if (! strcasecmp(child->key, "SSLCertificateKey")) { + if (oconfig_get_string(child, &tmp)) { + ret = -1; + break; + } + ud->ssl_opts.key_file = strdup(tmp); + } + else if (! strcasecmp(child->key, "SSLCACertificates")) { + if (oconfig_get_string(child, &tmp)) { + ret = -1; + break; + } + ud->ssl_opts.ca_file = strdup(tmp); + } else sdb_log(SDB_LOG_WARNING, "store::network: Ignoring " "unknown config option '%s' inside .", child->key, ud->addr); } - if (ud->username) - ud->username = strdup(ud->username); + if (ret) { + user_data_destroy(ud); + return ret; + } if (! ud->username) ud->username = sdb_get_current_user(); + if (sdb_client_set_ssl_options(ud->client, &ud->ssl_opts)) { + sdb_log(SDB_LOG_ERR, "store::network: Failed to apply SSL options"); + user_data_destroy(ud); + return -1; + } + user_data = sdb_object_create_wrapper("store-network-userdata", ud, user_data_destroy); if (! user_data) {