Commit 449ff02c authored by Jan Včelák's avatar Jan Včelák 🚀 Committed by Ondřej Surý

daemon/network: global TLS certificate and key configuration

parent f22f5226
......@@ -348,6 +348,42 @@ static int net_pipeline(lua_State *L)
return 1;
}
static int net_tls_cert(lua_State *L)
{
struct engine *engine = engine_luaget(L);
if (!lua_isstring(L, 1)) {
lua_pushstring(L, engine->net.tls_cert);
return 1;
}
int r = network_set_tls_cert(&engine->net, lua_tostring(L, 1));
if (r != 0) {
lua_pushstring(L, strerror(ENOMEM));
lua_error(L);
}
lua_pushboolean(L, true);
return 1;
}
static int net_tls_key(lua_State *L)
{
struct engine *engine = engine_luaget(L);
if (!lua_isstring(L, 1)) {
lua_pushstring(L, engine->net.tls_key);
return 1;
}
int r = network_set_tls_key(&engine->net, lua_tostring(L, 1));
if (r != 0) {
lua_pushstring(L, strerror(ENOMEM));
lua_error(L);
}
lua_pushboolean(L, true);
return 1;
}
int lib_net(lua_State *L)
{
static const luaL_Reg lib[] = {
......@@ -357,6 +393,8 @@ int lib_net(lua_State *L)
{ "interfaces", net_interfaces },
{ "bufsize", net_bufsize },
{ "tcp_pipeline", net_pipeline },
{ "tls_cert", net_tls_cert },
{ "tls_key", net_tls_key },
{ NULL, NULL }
};
register_lib(L, "net", lib);
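Review bot: In `net_tls_cert` and `net_tls_key` the error branch always pushes `strerror(ENOMEM)`, whatever `network_set_tls_cert()` / `network_set_tls_key()` returned, so an `EINVAL` from the network layer would reach the operator as an out-of-memory message. Pushing the real code keeps the message truthful, e.g. `lua_pushstring(L, kr_strerror(r));`. Separately, the setter stores any string without checking that it refers to a usable certificate or key, so a typo would presumably surface only when TLS is later set up (the consumer is not part of this commit). It would help to validate here, or to state in a comment that validation is deferred. Note also that calling `net.tls_key()` with no argument hands the stored value back to Lua, which is fine for a path but not if the field ever holds key material.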
......
......@@ -101,6 +101,10 @@ void network_deinit(struct network *net)
map_walk(&net->endpoints, close_key, 0);
map_walk(&net->endpoints, free_key, 0);
map_clear(&net->endpoints);
free(net->tls_cert);
net->tls_cert = NULL;
free(net->tls_key);
net->tls_key = NULL;
}
}
......@@ -329,3 +333,33 @@ int network_close(struct network *net, const char *addr, uint16_t port)
return kr_ok();
}
static int str_replace(char **where_ptr, const char *with)
{
char *copy = with ? strdup(with) : NULL;
if (with && !copy) {
return kr_error(ENOMEM);
}
free(*where_ptr);
*where_ptr = copy;
return kr_ok();
}
int network_set_tls_cert(struct network *net, const char *value)
{
if (!net) {
return kr_error(EINVAL);
}
return str_replace(&net->tls_cert, value);
}
int network_set_tls_key(struct network *net, const char *value)
{
if (!net) {
return kr_error(EINVAL);
}
return str_replace(&net->tls_key, value);
}
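Review bot: `str_replace()` and the new lines in `network_deinit()` call `free()` on `net->tls_cert` and `net->tls_key`, but no hunk in this commit initialises those fields and `network_init()` is not touched. Unless the caller zeroes the whole `struct network` beforehand (not visible here), the first setter call, or a deinit with nothing set, frees an indeterminate pointer. Adding `net->tls_cert = NULL;` and `net->tls_key = NULL;` to `network_init()` removes that dependency on the caller. A one-line comment on `str_replace()` would also document the ownership rule, e.g. `/* Replace *where_ptr with a heap copy of 'with' (NULL clears it); the old value is freed. */`.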
......@@ -42,6 +42,8 @@ typedef array_t(struct endpoint*) endpoint_array_t;
struct network {
uv_loop_t *loop;
map_t endpoints;
char *tls_cert;
char *tls_key;
};
void network_init(struct network *net, uv_loop_t *loop);
......@@ -49,3 +51,5 @@ void network_deinit(struct network *net);
int network_listen_fd(struct network *net, int fd);
int network_listen(struct network *net, const char *addr, uint16_t port, uint32_t flags);
int network_close(struct network *net, const char *addr, uint16_t port);
int network_set_tls_cert(struct network *net, const char *cert);
int network_set_tls_key(struct network *net, const char *key);
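Review bot: The two new prototypes and the `tls_cert` / `tls_key` fields carry no documentation, so the header does not say whether the strings are file paths or PEM data, that the argument is copied, or that NULL clears the setting. A doc comment on each would cover this, e.g. `/** Set the TLS key (string is copied; NULL unsets). @return 0 or a kr_error() code. */`. The parameter names here (`cert`, `key`) also differ from the definitions, which use `value`; choosing one keeps header and source aligned. If `tls_key` can ever hold key material rather than a path, mark the field as sensitive so that later code wipes it before `free()`.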