authorLinus Nordberg <linus@nordu.net>2010-11-11 10:30:35 +0100
committerLinus Nordberg <linus@nordu.net>2010-11-11 10:30:35 +0100
commit83e82dba47aced4a93f9e431b4d8bca94c2f8517 (patch)
tree7ff1779ea924d557b6ded9bd21c0cc8a65f062dd /lib/conf.c
parentf9b25cad24ec4e3e89e818457beb29cbe08eed0c (diff)
Bringing up TLS connections working.
NOTE: Clean up of resources not yet sane. Expect resource leakages. NOTE: Most failure cases are not handled properly. With the wind at your back and the sun shining, it might work.
Diffstat (limited to 'lib/conf.c')
-rw-r--r--lib/conf.c23
1 files changed, 22 insertions, 1 deletions
diff --git a/lib/conf.c b/lib/conf.c
index cedb84c..c235ffe 100644
--- a/lib/conf.c
+++ b/lib/conf.c
@@ -1,3 +1,9 @@
+/* See the file COPYING for licensing information. */
+
+#if defined HAVE_CONFIG_H
+#include <config.h>
+#endif
+
#include <confuse.h>
#include <string.h>
#include <radsec/radsec.h>
@@ -6,7 +12,11 @@
#if 0
# example of client config
config NAME {
- type = "UDP|TCP|TLS|DTLS"
+ type = "UDP"|"TCP"|"TLS"|"DTLS"
+ cacertfile = STRING
+ #cacertpath = STRING
+ certfile = STRING
+ certkeyfile = STRING
server {
hostname = STRING
service = STRING
@@ -33,6 +43,10 @@ rs_context_read_config(struct rs_context *ctx, const char *config_file)
cfg_opt_t config_opts[] =
{
CFG_STR ("type", "UDP", CFGF_NONE),
+ CFG_STR ("cacertfile", NULL, CFGF_NONE),
+ /*CFG_STR ("cacertpath", NULL, CFGF_NONE),*/
+ CFG_STR ("certfile", NULL, CFGF_NONE),
+ CFG_STR ("certkeyfile", NULL, CFGF_NONE),
CFG_SEC ("server", server_opts, CFGF_MULTI),
CFG_END ()
};
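Review bot: The new `cacertfile`, `certfile` and `certkeyfile` options all default to NULL, and neither this hunk nor the later hunk that copies them into the realm rejects a `type = "TLS"` or `"DTLS"` config that leaves `cacertfile` unset. Whether the TLS setup code treats a NULL CA file as a hard error is not visible here; if it does not, the server certificate would be accepted without a trust anchor to verify it against. Consider failing at parse time, after the three assignments in the later hunk, with something like `if (r->type != RS_CONN_TYPE_UDP && is_tls_type && !r->cacertfile) return rs_err_ctx_push_fl (ctx, RSE_CONFIG, __FILE__, __LINE__, "%s: cacertfile required for TLS", r->name);`, where `is_tls_type` stands for a comparison against the project's TLS/DTLS connection-type values. The body of rs_context_read_config starts and ends outside this hunk.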
@@ -62,6 +76,7 @@ rs_context_read_config(struct rs_context *ctx, const char *config_file)
ctx->realms = r;
cfg_config = cfg_getnsec (cfg, "config", i);
r->name = strdup (cfg_title (cfg_config));
+
typestr = cfg_getstr (cfg_config, "type");
if (!strcmp (typestr, "UDP"))
r->type = RS_CONN_TYPE_UDP;
@@ -75,6 +90,11 @@ rs_context_read_config(struct rs_context *ctx, const char *config_file)
return rs_err_ctx_push_fl (ctx, RSE_CONFIG, __FILE__, __LINE__,
"%s: invalid connection type", typestr);
+ r->cacertfile = cfg_getstr (cfg_config, "cacertfile");
+ /*r->cacertpath = cfg_getstr (cfg_config, "cacertpath");*/
+ r->certfile = cfg_getstr (cfg_config, "certfile");
+ r->certkeyfile = cfg_getstr (cfg_config, "certkeyfile");
+
/* Add peers, one per server stanza. */
for (j = 0; j < cfg_size (cfg_config, "server"); j++)
{
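Review bot: `r->cacertfile`, `r->certfile` and `r->certkeyfile` keep the pointers returned by cfg_getstr() as-is, whereas `r->name` in the hunk above is copied with strdup(). Those strings belong to the libconfuse `cfg` object, so the realm would hold dangling pointers to its certificate and key paths if `cfg` is released with cfg_free() while the realm is still in use; whether that happens is outside this hunk. Copy each value that is set, for example `if ((s = cfg_getstr (cfg_config, "cacertfile")) != NULL) r->cacertfile = strdup (s);` with `s` a new local `const char *`, and report a failed strdup() through the same RSE_NOMEM path used for `p` further down. The function continues past the end of this hunk.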
@@ -82,6 +102,7 @@ rs_context_read_config(struct rs_context *ctx, const char *config_file)
if (!p)
return rs_err_ctx_push_fl (ctx, RSE_NOMEM, __FILE__, __LINE__,
NULL);
+ p->realm = r;
cfg_server = cfg_getnsec (cfg_config, "server", j);
_rs_resolv (&p->addr, r->type, cfg_getstr (cfg_server, "hostname"),