diff options
author | Omar Polo <op@omarpolo.com> | 2023-08-07 13:18:04 +0000 |
---|---|---|
committer | Omar Polo <op@omarpolo.com> | 2023-08-07 13:18:04 +0000 |
commit | d72ac636bb2b5c5a6b9c946cc5fc69130ac62653 (patch) | |
tree | 3c5d38a9bbe7a489dce98043d58db768f92fd289 /config.c | |
parent | 36a98d50e533bf90b952130adbf1ca4ccc866f04 (diff) |
unbreak config_test() when !use_privsep_crypto
The new config_test() fails miserably when the privsep crypto engine is
not enabled. As a temporary workaround, forcibly disable it during
config_test() as we're not going to run anyway.
Diffstat (limited to 'config.c')
-rw-r--r-- | config.c | 27 |
1 files changed, 14 insertions, 13 deletions
@@ -752,33 +752,34 @@ config_test(struct conf *conf) { struct vhost *h; struct address *addr; - struct imsg imsg; int fd; - TAILQ_FOREACH(h, &conf->hosts, vhosts) { - /* faking the imsgs for config_crypto_recv_kp */ + /* + * can't use config_crypto_recv_kp() because not on all platforms + * we're using the privsep crypto engine (yet). + */ + conf->use_privsep_crypto = 0; + TAILQ_FOREACH(h, &conf->hosts, vhosts) { if ((fd = open(h->cert_path, O_RDONLY)) == -1) { log_warn("can't open %s", h->cert_path); return -1; } - - memset(&imsg, 0, sizeof(imsg)); - imsg.fd = fd; - imsg.hdr.type = IMSG_RECONF_CERT; - if (config_crypto_recv_kp(conf, &imsg) == -1) + if (load_file(fd, &h->cert, &h->certlen) == -1) { + log_warnx("failed to load cert for %s", + h->domain); return -1; + } if ((fd = open(h->key_path, O_RDONLY)) == -1) { log_warn("can't open %s", h->key_path); return -1; } - - memset(&imsg, 0, sizeof(imsg)); - imsg.fd = fd; - imsg.hdr.type = IMSG_RECONF_KEY; - if (config_crypto_recv_kp(conf, &imsg) == -1) + if (load_file(fd, &h->key, &h->keylen) == -1) { + log_warnx("failed to load key for %s", + h->domain); return -1; + } } TAILQ_FOREACH(addr, &conf->addrs, addrs) { |