/*
* Handle connections.
*
- * Copyright (C) 2011 Simon Ruderich
+ * Copyright (C) 2011-2013 Simon Ruderich
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* certificate then just pass through the connection and let the client
* verify the server certificate. */
if (global_passthrough_unknown) {
- char path[1024];
+ char path[TLSPROXY_MAX_PATH_LENGTH];
FILE *file = NULL;
- if (-2 == server_certificate_path(&file, host, path, sizeof(path))) {
+ if (-2 == server_certificate_file(&file, host, path, sizeof(path))) {
/* We've established a connection, tell the client. */
fprintf(client_fd, "HTTP/1.0 200 Connection established\r\n");
fprintf(client_fd, "\r\n");
goto out;
}
- /* server_certificate_path() may have opened the file, close it. */
+ /* server_certificate_file() may have opened the file, close it. */
if (NULL != file) {
fclose(file);
}
gnutls_certificate_credentials_t *x509_cred) {
int result;
int use_invalid_cert;
- char path[1024];
+ char path[TLSPROXY_MAX_PATH_LENGTH];
/* The "invalid" hostname is special. If it's used we send an invalid
* certificate to let the client know something is wrong. */
- use_invalid_cert = 0 == strcmp(hostname, "invalid");
+ use_invalid_cert = (0 == strcmp(hostname, "invalid"));
if (0 != proxy_certificate_path(hostname, path, sizeof(path))) {
LOG(LOG_ERROR,
gnutls_certificate_free_credentials(*x509_cred);
return -1;
}
- gnutls_priority_set(*session, global_tls_priority_cache);
+ result = gnutls_priority_set(*session, global_tls_priority_cache);
if (GNUTLS_E_SUCCESS != result) {
LOG(LOG_ERROR,
"initialize_tls_session_server(): gnutls_priority_set(): %s",
return -2;
}
- while (NULL != fgets(buffer, MAX_REQUEST_LINE, client_fd)) {
+ while (NULL != fgets(buffer, sizeof(buffer), client_fd)) {
/* End of header. */
if (0 == strcmp(buffer, "\n") || 0 == strcmp(buffer, "\r\n")) {
break;
ruderich.org/simon / tlsproxy / tlsproxy.git / blobdiff