From d232e106feb871ff63736df76b708eb684d31b72 Mon Sep 17 00:00:00 2001 From: Simon Ruderich Date: Fri, 11 Mar 2011 00:18:36 +0100 Subject: [PATCH 1/1] src/connection.c: Move path related defines to tlsproxy.h. Thus all file constants are stored in one place. --- src/connection.c | 12 ++---------- src/tlsproxy.h | 7 +++++++ 2 files changed, 9 insertions(+), 10 deletions(-) diff --git a/src/connection.c b/src/connection.c index 7ea6eb2..26947ff 100644 --- a/src/connection.c +++ b/src/connection.c @@ -35,10 +35,6 @@ * should be a good limit to make processing simpler. */ #define MAX_REQUEST_LINE 4096 -/* Paths to necessary TLS files: the CA and the server key. */ -#define PROXY_CA_FILE "proxy-ca.pem" -#define PROXY_KEY_FILE "proxy-key.pem" - static int initialize_tls_session_client(int peer_socket, const char *hostname, @@ -284,12 +280,9 @@ static int initialize_tls_session_client(int peer_socket, gnutls_certificate_credentials_t *x509_cred) { int result; char path[1024]; - /* The server certificate for the given hostname is stored in - * "./certificate-hostname-proxy.pem". */ -#define PATH_FORMAT "./certificate-%s-proxy.pem" /* Hostname too long. */ - if (sizeof(path) - strlen(PATH_FORMAT) <= strlen(hostname)) { + if (sizeof(path) - strlen(PROXY_SERVER_CERT_FORMAT) <= strlen(hostname)) { LOG(LOG_WARNING, "initialize_tls_session_client(): hostname too long: '%s'", hostname); @@ -302,8 +295,7 @@ static int initialize_tls_session_client(int peer_socket, hostname); return -1; } - snprintf(path, sizeof(path), PATH_FORMAT, hostname); -#undef PATH_FORMAT + snprintf(path, sizeof(path), PROXY_SERVER_CERT_FORMAT, hostname); result = gnutls_certificate_allocate_credentials(x509_cred); if (GNUTLS_E_SUCCESS != result) { diff --git a/src/tlsproxy.h b/src/tlsproxy.h index 8ade4e8..9c90808 100644 --- a/src/tlsproxy.h +++ b/src/tlsproxy.h @@ -32,6 +32,13 @@ #include "log.h" +/* Paths to necessary TLS files: the CA and the server key. */ +#define PROXY_CA_FILE "proxy-ca.pem" +#define PROXY_KEY_FILE "proxy-key.pem" +/* The server certificate for the given hostname is stored in + * "./certificate-hostname-proxy.pem" - we use this for the connection to the + * client. */ +#define PROXY_SERVER_CERT_FORMAT "./certificate-%s-proxy.pem" /* Proxy hostname and port if specified on the command line. */ -- 2.45.2