authorPierre-Yves Ritschard <pyr@cvs.openbsd.org>2007-09-27 13:34:23 +0000
committerPierre-Yves Ritschard <pyr@cvs.openbsd.org>2007-09-27 13:34:23 +0000
commit9dc14ddbc786648e7ebc2d7286890734a0a4ec1a (patch)
treeaa11b918c3ac0fde2a7f1aa3a68d6ccfb02d632e /usr.sbin/relayd/ssl_privsep.c
parentdcd40fca81b8b00a42f5c0f4bad178d01883107d (diff)
Simplify ssl_privsep.c, since it won't need to remain synced with the
equivalent openssl functions.
Diffstat (limited to 'usr.sbin/relayd/ssl_privsep.c')
-rw-r--r--usr.sbin/relayd/ssl_privsep.c29
1 files changed, 15 insertions, 14 deletions
diff --git a/usr.sbin/relayd/ssl_privsep.c b/usr.sbin/relayd/ssl_privsep.c
index ce332033694..8c01196a111 100644
--- a/usr.sbin/relayd/ssl_privsep.c
+++ b/usr.sbin/relayd/ssl_privsep.c
@@ -60,6 +60,7 @@
* Adapted from openssl's ssl_rsa.c by Pierre-Yves Ritschard .
*/
+#include <unistd.h>
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/bio.h>
@@ -69,13 +70,12 @@
#include <openssl/pem.h>
#include <openssl/ssl.h>
-int ssl_ctx_use_private_key(SSL_CTX *, int, int);
+int ssl_ctx_use_private_key(SSL_CTX *, int);
int ssl_ctx_use_certificate_chain(SSL_CTX *, int);
int
-ssl_ctx_use_private_key(SSL_CTX *ctx, int fd, int type)
+ssl_ctx_use_private_key(SSL_CTX *ctx, int fd)
{
- int j;
int ret;
FILE *fp;
BIO *in;
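Review bot: The prototype for `ssl_ctx_use_private_key` is declared here in the .c file with unnamed parameters, so dropping the `type` argument is only checked by the compiler within this translation unit. If callers in other files carry their own declaration (not visible in this diff, which is limited to one file), a stale three-argument declaration would still compile and silently pass an extra argument. Consider moving both prototypes to the shared header and keeping the names, e.g. `int ssl_ctx_use_private_key(SSL_CTX *ctx, int fd);`. The function body continues outside this hunk.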
@@ -83,6 +83,9 @@ ssl_ctx_use_private_key(SSL_CTX *ctx, int fd, int type)
ret = 0;
pkey = NULL;
+ if (lseek(fd, 0, SEEK_SET) == -1)
+ return (ret);
+
if ((fp = fdopen(fd, "r")) == NULL) {
SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
return (ret);
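Review bot: The new `lseek` failure path returns 0 without putting anything on the OpenSSL error queue, whereas the `fdopen` failure just below it records `ERR_R_SYS_LIB`; a caller that reports the failure from the queue would get nothing or a stale entry. Suggest mirroring the existing path: `if (lseek(fd, 0, SEEK_SET) == -1) { SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB); return (ret); }`. The identical check added to `ssl_ctx_use_certificate_chain` in the last hunk has the same gap and would use `SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE`. Both function bodies start and end outside the hunks shown.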
@@ -92,18 +95,13 @@ ssl_ctx_use_private_key(SSL_CTX *ctx, int fd, int type)
goto end;
}
- if (type == SSL_FILETYPE_PEM) {
- j = ERR_R_PEM_LIB;
- pkey = PEM_read_bio_PrivateKey(in, NULL,
- ctx->default_passwd_callback,
- ctx->default_passwd_callback_userdata);
- } else {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,
- SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
+ pkey = PEM_read_bio_PrivateKey(in, NULL,
+ ctx->default_passwd_callback,
+ ctx->default_passwd_callback_userdata);
+
if (pkey == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, j);
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,
+ ERR_R_PEM_LIB);
goto end;
}
ret = SSL_CTX_use_PrivateKey(ctx, pkey);
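Review bot: With the `type` check removed, nothing in the function states that the descriptor must hold a PEM-encoded key, and the `PEM_read_bio_PrivateKey` call depends entirely on the passphrase callback stored in `ctx`. When no callback is set and the key is encrypted, OpenSSL falls back to its default callback, which typically prompts on the controlling terminal; that is worth spelling out for code that presumably runs inside a daemon. Suggest a comment above the call such as `/* fd must hold a PEM private key; an encrypted key needs a passphrase callback set on ctx */`. The function starts before and ends after this hunk.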
@@ -125,6 +123,9 @@ ssl_ctx_use_certificate_chain(SSL_CTX *ctx, int fd)
ret = 0;
x = NULL;
+ if (lseek(fd, 0, SEEK_SET) == -1)
+ return (ret);
+
if ((fp = fdopen(fd, "r")) == NULL) {
SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_SYS_LIB);
return (ret);