diff options
author | Sunil Nimmagadda <sunil@esdenera.com> | 2017-01-09 15:30:35 +0500 |
---|---|---|
committer | Sunil Nimmagadda <sunil@esdenera.com> | 2017-01-09 15:30:35 +0500 |
commit | 44593728dbb10317a8ec0ca60e1ca7bbb8989d98 (patch) | |
tree | a68852b6a7cb9b9800abee51a2782874df02d763 /ssl.c | |
parent | cccc2eb125674423d902d77a4abd6e30fd0ace67 (diff) |
Provide an option to specify cert/key on commandline.
While here, document new options and fix mandoc lint warnings.
Diffstat (limited to 'ssl.c')
-rw-r--r-- | ssl.c | 12 |
1 files changed, 5 insertions, 7 deletions
@@ -33,8 +33,6 @@ #define SSL_CIPHERS "HIGH" #define SSL_SESSION_TIMEOUT 300 -#define CERTFILE "/etc/ssl/server.crt" -#define KEYFILE "/etc/ssl/private/server.key" static char *ssl_load_file(const char *, off_t *); @@ -52,7 +50,7 @@ ssl_init(void) } void * -ssl_setup(void) +ssl_setup(const char *certfile, const char *keyfile) { SSL_CTX *ctx = NULL; char *cert, *key; @@ -73,13 +71,13 @@ ssl_setup(void) SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION); /* SSL certificate, key loading */ - cert = ssl_load_file(CERTFILE, &cert_len); + cert = ssl_load_file(certfile, &cert_len); if (cert == NULL) - fatal("ssl_load_file: Unable to load " CERTFILE); + fatal("ssl_load_file: certificate"); - key = ssl_load_file(KEYFILE, &key_len); + key = ssl_load_file(keyfile, &key_len); if (key == NULL) - fatal("ssl_load_file: Unable to load " KEYFILE); + fatal("ssl_load_file: key"); if (!SSL_CTX_set_cipher_list(ctx, SSL_CIPHERS)) goto err; |