aboutsummaryrefslogtreecommitdiffstats
path: root/conf.c
diff options
context:
space:
mode:
Diffstat (limited to 'conf.c')
-rw-r--r--conf.c41
1 files changed, 41 insertions, 0 deletions
diff --git a/conf.c b/conf.c
index 8c2439e7..83495d15 100644
--- a/conf.c
+++ b/conf.c
@@ -70,6 +70,11 @@ conf_t *conf_load(int argc, char *argv[])
conf->ft_listen = NULL;
conf->protocols = NULL;
conf->cafile = NULL;
+#ifdef WITH_GNUTLS
+ conf->ssl = FALSE;
+ conf->ssl_cert = NULL;
+ conf->ssl_key = NULL;
+#endif /* WITH_GNUTLS */
proxytype = 0;
i = conf_loadini(conf, global.conf_file);
@@ -171,6 +176,23 @@ conf_t *conf_load(int argc, char *argv[])
return NULL;
}
+#ifdef WITH_GNUTLS
+ if (conf->ssl && (!conf->ssl_cert || !conf->ssl_key)) {
+ fprintf(stderr, "Error: SSL enabled but cert or key is missing\n");
+ return NULL;
+ }
+
+ if (conf->ssl && conf->ssl_cert && access(conf->ssl_cert, R_OK) != 0) {
+ fprintf(stderr, "Error: Could not read SSL Cert %s: %s\n", conf->ssl_cert, strerror(errno));
+ return NULL;
+ }
+
+ if (conf->ssl && conf->ssl_key && access(conf->ssl_key, R_OK) != 0) {
+ fprintf(stderr, "Error: Could not read SSL Key %s: %s\n", conf->ssl_key, strerror(errno));
+ return NULL;
+ }
+#endif /* WITH_GNUTLS */
+
return conf;
}
@@ -238,6 +260,8 @@ static int conf_loadini(conf_t *conf, char *file)
conf->authmode = AUTHMODE_REGISTERED;
} else if (g_strcasecmp(ini->value, "closed") == 0) {
conf->authmode = AUTHMODE_CLOSED;
+ } else if (g_strcasecmp(ini->value, "sasl") == 0) {
+ conf->authmode = AUTHMODE_SASL;
} else {
conf->authmode = AUTHMODE_OPEN;
}
@@ -343,6 +367,23 @@ static int conf_loadini(conf_t *conf, char *file)
} else if (g_strcasecmp(ini->key, "cafile") == 0) {
g_free(conf->cafile);
conf->cafile = g_strdup(ini->value);
+#ifdef WITH_GNUTLS
+ } else if (g_strcasecmp(ini->key, "ssl") == 0) {
+ if (g_strcasecmp(ini->value, "true") == 0) {
+ conf->ssl = TRUE;
+ } else if (g_strcasecmp(ini->value, "false") == 0) {
+ conf->ssl = FALSE;
+ } else {
+ fprintf(stderr, "Invalid %s value: %s\n", ini->key, ini->value);
+ return 0;
+ }
+ } else if (g_strcasecmp(ini->key, "ssl_cert") == 0) {
+ g_free(conf->ssl_cert);
+ conf->ssl_cert = g_strdup(ini->value);
+ } else if (g_strcasecmp(ini->key, "ssl_key") == 0) {
+ g_free(conf->ssl_key);
+ conf->ssl_key = g_strdup(ini->value);
+#endif /* WITH_GNUTLS */
} else {
fprintf(stderr, "Error: Unknown setting `%s` in configuration file (line %d).\n",
ini->key, ini->line);
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-27 08:59:23 +0000