diff options
Diffstat (limited to 'vchat-connection.c')
| -rw-r--r-- | vchat-connection.c | 28 |
1 files changed, 9 insertions, 19 deletions
diff --git a/vchat-connection.c b/vchat-connection.c index 60dc81f..c0648c8 100644 --- a/vchat-connection.c +++ b/vchat-connection.c | |||
| @@ -84,7 +84,7 @@ int | |||
| 84 | vc_connect (const char *server, const char *port) | 84 | vc_connect (const char *server, const char *port) |
| 85 | { | 85 | { |
| 86 | /* vchat connection x509 store */ | 86 | /* vchat connection x509 store */ |
| 87 | vc_x509store_t *vc_store; | 87 | vc_x509store_t vc_store; |
| 88 | 88 | ||
| 89 | /* pointer to tilde-expanded certificate/keyfile-names */ | 89 | /* pointer to tilde-expanded certificate/keyfile-names */ |
| 90 | char *certfile, *cafile; | 90 | char *certfile, *cafile; |
| @@ -102,12 +102,7 @@ vc_connect (const char *server, const char *port) | |||
| 102 | return 0; | 102 | return 0; |
| 103 | 103 | ||
| 104 | /* If SSL is requested, get our ssl-BIO running */ | 104 | /* If SSL is requested, get our ssl-BIO running */ |
| 105 | vc_store = vc_init_x509store(); | 105 | vc_init_x509store(&vc_store); |
| 106 | if( !vc_store ) { | ||
| 107 | snprintf (tmpstr, TMPSTRSIZE, getformatstr(FS_ERR), "Out of memory" ); | ||
| 108 | writechan (tmpstr); | ||
| 109 | return -1; | ||
| 110 | } | ||
| 111 | 106 | ||
| 112 | /* get name of certificate file */ | 107 | /* get name of certificate file */ |
| 113 | certfile = get_tilde_expanded (CF_CERTFILE); | 108 | certfile = get_tilde_expanded (CF_CERTFILE); |
| @@ -116,30 +111,25 @@ vc_connect (const char *server, const char *port) | |||
| 116 | /* get name of key file */ | 111 | /* get name of key file */ |
| 117 | char *keyfile = get_tilde_expanded (CF_KEYFILE); | 112 | char *keyfile = get_tilde_expanded (CF_KEYFILE); |
| 118 | 113 | ||
| 119 | vc_x509store_setflags(vc_store, VC_X509S_USE_CERTIFICATE); | 114 | vc_x509store_setcertfile(&vc_store, certfile); |
| 120 | vc_x509store_setcertfile(vc_store, certfile); | 115 | vc_x509store_set_pkeycb(&vc_store, (vc_askpass_cb_t)passprompt); |
| 121 | 116 | ||
| 122 | vc_x509store_set_pkeycb(vc_store, (vc_askpass_cb_t)passprompt); | ||
| 123 | /* if we don't have a key file, the key may be in the cert file */ | 117 | /* if we don't have a key file, the key may be in the cert file */ |
| 124 | vc_x509store_setkeyfile(vc_store, keyfile ? keyfile : certfile); | 118 | vc_x509store_setkeyfile(&vc_store, keyfile ? keyfile : certfile); |
| 125 | 119 | ||
| 126 | free(keyfile); | 120 | free(keyfile); |
| 127 | free(certfile); | 121 | free(certfile); |
| 128 | } | 122 | } |
| 129 | 123 | ||
| 130 | vc_x509store_setflags(vc_store, VC_X509S_SSL_VERIFY_PEER); | ||
| 131 | |||
| 132 | /* get name of ca file */ | 124 | /* get name of ca file */ |
| 133 | cafile = get_tilde_expanded (CF_CAFILE); | 125 | cafile = get_tilde_expanded (CF_CAFILE); |
| 134 | if (cafile && !access(cafile, F_OK)) { | 126 | if (cafile && !access(cafile, F_OK)) |
| 135 | vc_x509store_setflags(vc_store, VC_X509S_NODEF_CAFILE); | 127 | vc_x509store_setcafile(&vc_store, cafile); |
| 136 | vc_x509store_setcafile(vc_store, cafile); | ||
| 137 | } | ||
| 138 | free(cafile); | 128 | free(cafile); |
| 139 | 129 | ||
| 140 | /* upgrade our plain BIO to ssl */ | 130 | /* upgrade our plain BIO to ssl */ |
| 141 | int result = vc_tls_connect( serverfd, vc_store ); | 131 | int result = vc_tls_connect( serverfd, &vc_store ); |
| 142 | vc_cleanup_x509store(vc_store); | 132 | vc_cleanup_x509store(&vc_store); |
| 143 | 133 | ||
| 144 | if (result) { | 134 | if (result) { |
| 145 | close(serverfd); | 135 | close(serverfd); |