Provide an option to specify cert/key on commandline.

While here, document new options and fix mandoc lint warnings.
author: Sunil Nimmagadda <sunil@esdenera.com> 2017-01-09 15:30:35 +0500
committer: Sunil Nimmagadda <sunil@esdenera.com> 2017-01-09 15:30:35 +0500
commit: 44593728dbb10317a8ec0ca60e1ca7bbb8989d98 (patch)
tree: a68852b6a7cb9b9800abee51a2782874df02d763 /ssl.c
parent: cccc2eb125674423d902d77a4abd6e30fd0ace67 (diff)
1 files changed, 5 insertions, 7 deletions
diff --git a/ssl.c b/ssl.c
index fce300f..9d1af2a 100644
--- a/ssl.c
+++ b/ssl.c
@@ -33,8 +33,6 @@
 
 #define SSL_CIPHERS		"HIGH"
 #define SSL_SESSION_TIMEOUT	300
-#define CERTFILE		"/etc/ssl/server.crt"
-#define KEYFILE			"/etc/ssl/private/server.key"
 
 static char *ssl_load_file(const char *, off_t *);
 
@@ -52,7 +50,7 @@ ssl_init(void)
 }
 
 void *
-ssl_setup(void)
+ssl_setup(const char *certfile, const char *keyfile)
 {
 	SSL_CTX *ctx = NULL;
 	char	*cert, *key;
@@ -73,13 +71,13 @@ ssl_setup(void)
 	    SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
 
 	/* SSL certificate, key loading */
-	cert = ssl_load_file(CERTFILE, &cert_len);
+	cert = ssl_load_file(certfile, &cert_len);
 	if (cert == NULL)
-		fatal("ssl_load_file: Unable to load " CERTFILE);
+		fatal("ssl_load_file: certificate");
 
-	key = ssl_load_file(KEYFILE, &key_len);
+	key = ssl_load_file(keyfile, &key_len);
 	if (key == NULL)
-		fatal("ssl_load_file: Unable to load " KEYFILE);
+		fatal("ssl_load_file: key");
 
 	if (!SSL_CTX_set_cipher_list(ctx, SSL_CIPHERS))
 		goto err;
author	Sunil Nimmagadda <sunil@esdenera.com>	2017-01-09 15:30:35 +0500
committer	Sunil Nimmagadda <sunil@esdenera.com>	2017-01-09 15:30:35 +0500
commit	44593728dbb10317a8ec0ca60e1ca7bbb8989d98 (patch)
tree	a68852b6a7cb9b9800abee51a2782874df02d763 /ssl.c
parent	cccc2eb125674423d902d77a4abd6e30fd0ace67 (diff)