src/connection.c,src/verify.c: Use a constant for path length.

diff --git a/src/connection.c b/src/connection.c
index e4b0b29f1b1575dcefb32518c58eb9ef43f3357e..4e98f309dd063bfa5ba4eec470396cfe1c789468 100644 (file)
--- a/src/connection.c
+++ b/src/connection.c
@@ -199,7 +199,7 @@ void handle_connection(int client_socket) {
      * certificate then just pass through the connection and let the client
      * verify the server certificate. */
     if (global_passthrough_unknown) {
-        char path[1024];
+        char path[TLSPROXY_MAX_PATH_LENGTH];
         FILE *file = NULL;
 
         if (-2 == server_certificate_file(&file, host, path, sizeof(path))) {
@@ -353,7 +353,7 @@ static int initialize_tls_session_client(int peer_socket,
         gnutls_certificate_credentials_t *x509_cred) {
     int result;
     int use_invalid_cert;
-    char path[1024];
+    char path[TLSPROXY_MAX_PATH_LENGTH];
 
     /* The "invalid" hostname is special. If it's used we send an invalid
      * certificate to let the client know something is wrong. */

diff --git a/src/tlsproxy.h b/src/tlsproxy.h
index 970b08d615966fecc178e569d430817f85eff39b..59b4a70f1656f926c92475bc04371b3318b451fa 100644 (file)
--- a/src/tlsproxy.h
+++ b/src/tlsproxy.h
@@ -31,6 +31,8 @@
 
 #include "log.h"
 
+/* Length for path arrays. */
+#define TLSPROXY_MAX_PATH_LENGTH 1024
 
 /* Paths to necessary TLS files: the CA and the server key. */
 #define PROXY_CA_FILE  "proxy-ca.pem"

diff --git a/src/verify.c b/src/verify.c
index 0888a30ccc02318c714c6ac3956ea265b5bf52bc..6697865d01a9c02167b3b2449a61c2b90f9d38a3 100644 (file)
--- a/src/verify.c
+++ b/src/verify.c
@@ -32,7 +32,7 @@ static int get_certificate_path(const char *format,
 
 int verify_tls_connection(gnutls_session_t session, const char *hostname) {
     int result;
-    char path[1024];
+    char path[TLSPROXY_MAX_PATH_LENGTH];
 
     size_t size;
     unsigned int status;