summaryrefslogtreecommitdiff
path: root/src/sbearssl/sbearssl_get_tas.c
diff options
context:
space:
mode:
authorLaurent Bercot <ska-skaware@skarnet.org>2021-05-18 11:19:19 +0000
committerLaurent Bercot <ska-skaware@skarnet.org>2021-05-18 11:19:19 +0000
commit6780eee3e0dbe37640f72ed1e37a95c506e23f8c (patch)
treefd89e47869fd422c6a2fb49e361c760a94b60668 /src/sbearssl/sbearssl_get_tas.c
parent8f4d374c931ce12554beb9231c1af9171832e133 (diff)
downloads6-networking-6780eee3e0dbe37640f72ed1e37a95c506e23f8c.tar.xz
Prepare for 2.4.2.0; implement client certificates with bearssl
Also send a bit more environment with libtls
Diffstat (limited to 'src/sbearssl/sbearssl_get_tas.c')
-rw-r--r--src/sbearssl/sbearssl_get_tas.c33
1 files changed, 33 insertions, 0 deletions
diff --git a/src/sbearssl/sbearssl_get_tas.c b/src/sbearssl/sbearssl_get_tas.c
new file mode 100644
index 0000000..aa8f63b
--- /dev/null
+++ b/src/sbearssl/sbearssl_get_tas.c
@@ -0,0 +1,33 @@
+/* ISC license. */
+
+#include <stdlib.h>
+
+#include <skalibs/strerr2.h>
+#include <skalibs/stralloc.h>
+#include <skalibs/genalloc.h>
+
+#include <s6-networking/sbearssl.h>
+#include "sbearssl-internal.h"
+
+size_t sbearssl_get_tas (genalloc *tas, stralloc *storage)
+{
+ size_t talen ;
+ int r ;
+ char const *x = getenv("CADIR") ;
+ if (x) r = sbearssl_ta_readdir(x, tas, storage) ;
+ else
+ {
+ x = getenv("CAFILE") ;
+ if (!x) strerr_dienotset(100, "CADIR or CAFILE") ;
+ r = sbearssl_ta_readfile(x, tas, storage) ;
+ }
+
+ if (r < 0)
+ strerr_diefu2sys(111, "read trust anchors in ", x) ;
+ else if (r)
+ strerr_diefu4x(96, "read trust anchors in ", x, ": ", sbearssl_error_str(r)) ;
+
+ talen = genalloc_len(sbearssl_ta, tas) ;
+ if (!talen) strerr_dief2x(96, "no trust anchor found in ", x) ;
+ return talen ;
+}