aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--rpcapd/rpcapd.c4
-rw-r--r--sslutils.c16
-rw-r--r--sslutils.h10
3 files changed, 17 insertions, 13 deletions
diff --git a/rpcapd/rpcapd.c b/rpcapd/rpcapd.c
index b7fa21f1..26b6e8ab 100644
--- a/rpcapd/rpcapd.c
+++ b/rpcapd/rpcapd.c
@@ -300,10 +300,10 @@ int main(int argc, char *argv[])
enable_compression = 1;
break;
case 'K':
- snprintf(ssl_keyfile, sizeof ssl_keyfile, "%s", optarg);
+ ssl_set_keyfile(optarg);
break;
case 'X':
- snprintf(ssl_certfile, sizeof ssl_certfile, "%s", optarg);
+ ssl_set_certfile(optarg);
break;
#endif
case 'h':
diff --git a/sslutils.c b/sslutils.c
index 605000bc..d09ed6c9 100644
--- a/sslutils.c
+++ b/sslutils.c
@@ -41,14 +41,24 @@
#include "sslutils.h"
#include "pcap/pcap.h"
-char ssl_keyfile[PATH_MAX]; //!< file containing the private key in PEM format
-char ssl_certfile[PATH_MAX]; //!< file containing the server's certificate in PEM format
-char ssl_rootfile[PATH_MAX]; //!< file containing the list of CAs trusted by the client
+static const char *ssl_keyfile = ""; //!< file containing the private key in PEM format
+static const char *ssl_certfile = ""; //!< file containing the server's certificate in PEM format
+static const char *ssl_rootfile = ""; //!< file containing the list of CAs trusted by the client
// TODO: a way to set ssl_rootfile from the command line, or an envvar?
// TODO: lock?
static SSL_CTX *ctx;
+void ssl_set_certfile(const char *certfile)
+{
+ ssl_certfile = certfile;
+}
+
+void ssl_set_keyfile(const char *keyfile)
+{
+ ssl_keyfile = keyfile;
+}
+
int ssl_init_once(int is_server, int enable_compression, char *errbuf, size_t errbuflen)
{
static int inited = 0;
diff --git a/sslutils.h b/sslutils.h
index a769cfee..63810538 100644
--- a/sslutils.h
+++ b/sslutils.h
@@ -39,17 +39,11 @@
#include "pcap/pcap.h" // for SOCKET
/*
- * Configuration parameters
- */
-
-extern char ssl_keyfile[PATH_MAX];
-extern char ssl_certfile[PATH_MAX];
-extern char ssl_rootfile[PATH_MAX];
-
-/*
* Utility functions
*/
+void ssl_set_certfile(const char *certfile);
+void ssl_set_keyfile(const char *keyfile);
int ssl_init_once(int is_server, int enable_compression, char *errbuf, size_t errbuflen);
SSL *ssl_promotion(int is_server, SOCKET s, char *errbuf, size_t errbuflen);
SSL *ssl_promotion_rw(int is_server, SOCKET in, SOCKET out, char *errbuf, size_t errbuflen);
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-10 08:53:07 +0000