-rw-r--r--src/libwaitress/waitress.c22
-rw-r--r--src/libwaitress/waitress.h7
-rw-r--r--src/main.c4
3 files changed, 21 insertions, 12 deletions
diff --git a/src/libwaitress/waitress.c b/src/libwaitress/waitress.c
index aff023b..8b6daa8 100644
--- a/src/libwaitress/waitress.c
+++ b/src/libwaitress/waitress.c
@@ -55,11 +55,19 @@ typedef struct {
size_t pos;
} WaitressFetchBufCbBuffer_t;
-void WaitressInit (WaitressHandle_t *waith) {
+void WaitressInit (WaitressHandle_t *waith, const char *caPath) {
assert (waith != NULL);
memset (waith, 0, sizeof (*waith));
waith->timeout = 30000;
+#ifdef ENABLE_TLS
+ gnutls_certificate_allocate_credentials (&waith->tlsCred);
+ if (caPath == NULL) {
+ caPath = "/etc/ssl/certs/ca-certificates.crt";
+ }
+ gnutls_certificate_set_x509_trust_file (waith->tlsCred, caPath,
+ GNUTLS_X509_FMT_PEM);
+#endif
}
void WaitressFree (WaitressHandle_t *waith) {
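Review bot: Both GnuTLS calls added to WaitressInit discard their return values, so a missing or unreadable CA bundle leaves the handle with an empty trust store and no diagnostic. gnutls_certificate_set_x509_trust_file returns the number of certificates processed or a negative error code, and gnutls_certificate_allocate_credentials can fail as well. Since WaitressInit returns void, consider returning a status, or at least recording the failure so WaitressFetchCall can refuse TLS requests, e.g. `if (gnutls_certificate_set_x509_trust_file (waith->tlsCred, caPath, GNUTLS_X509_FMT_PEM) <= 0) { /* report: no trusted CAs loaded */ }`. The fallback path `/etc/ssl/certs/ca-certificates.crt` does not exist on every system and both callers in src/main.c pass NULL, so this failure case is presumably reachable in practice.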
@@ -67,6 +75,9 @@ void WaitressFree (WaitressHandle_t *waith) {
free (waith->url.url);
free (waith->proxy.url);
+#ifdef ENABLE_TLS
+ gnutls_certificate_free_credentials (waith->tlsCred);
+#endif
memset (waith, 0, sizeof (*waith));
}
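Review bot: The new free call in WaitressFree runs unconditionally, but waith->tlsCred is NULL whenever allocation failed in WaitressInit or WaitressFree has already run once (the memset below it clears the field). Whether gnutls_certificate_free_credentials tolerates NULL should be confirmed against the GnuTLS version in use. A guard keeps the function safe to call twice: `if (waith->tlsCred != NULL) gnutls_certificate_free_credentials (waith->tlsCred);`. WaitressFree's body begins above the hunk.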
@@ -1020,10 +1031,6 @@ WaitressReturn_t WaitressFetchCall (WaitressHandle_t *waith) {
if (waith->url.tls) {
waith->request.read = WaitressGnutlsRead;
waith->request.write = WaitressGnutlsWrite;
- /* FIXME: move creds to waitressinit */
- gnutls_certificate_allocate_credentials (&waith->request.tlsCred);
- gnutls_certificate_set_x509_trust_file (waith->request.tlsCred,
- "/etc/ssl/certs/ca-certificates.crt", GNUTLS_X509_FMT_PEM);
gnutls_init (&waith->request.tlsSession, GNUTLS_CLIENT);
const char *err;
if (gnutls_priority_set_direct (waith->request.tlsSession,
@@ -1032,7 +1039,7 @@ WaitressReturn_t WaitressFetchCall (WaitressHandle_t *waith) {
}
if (gnutls_credentials_set (waith->request.tlsSession,
GNUTLS_CRD_CERTIFICATE,
- waith->request.tlsCred) != GNUTLS_E_SUCCESS) {
+ waith->tlsCred) != GNUTLS_E_SUCCESS) {
return WAITRESS_RET_ERR;
}
@@ -1047,7 +1054,7 @@ WaitressReturn_t WaitressFetchCall (WaitressHandle_t *waith) {
/* certificate verification function */
gnutls_session_set_ptr (waith->request.tlsSession,
(gnutls_transport_ptr_t) waith);
- gnutls_certificate_set_verify_function (waith->request.tlsCred,
+ gnutls_certificate_set_verify_function (waith->tlsCred,
WaitressTlsVerify);
}
#else
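Review bot: gnutls_certificate_set_verify_function is still called on every WaitressFetchCall, although it now configures the handle-wide waith->tlsCred rather than a per-request object. Installing it once in WaitressInit, next to the trust file, would keep all credential setup in one place and ensure no session can be bound to these credentials before the verification callback is set: `gnutls_certificate_set_verify_function (waith->tlsCred, WaitressTlsVerify);`. WaitressTlsVerify is presumably defined after WaitressInit in this file, so a forward declaration may be needed. The enclosing function continues outside the hunk.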
@@ -1073,7 +1080,6 @@ WaitressReturn_t WaitressFetchCall (WaitressHandle_t *waith) {
if (waith->url.tls) {
gnutls_bye (waith->request.tlsSession, GNUTLS_SHUT_RDWR);
gnutls_deinit (waith->request.tlsSession);
- gnutls_certificate_free_credentials (waith->request.tlsCred);
}
#endif
close (waith->request.sockfd);
diff --git a/src/libwaitress/waitress.h b/src/libwaitress/waitress.h
index 9523ede..eb79393 100644
--- a/src/libwaitress/waitress.h
+++ b/src/libwaitress/waitress.h
@@ -93,6 +93,10 @@ typedef struct {
void *data;
WaitressCbReturn_t (*callback) (void *, size_t, void *);
int timeout;
+#ifdef ENABLE_TLS
+ gnutls_certificate_credentials_t tlsCred;
+#endif
+
/* per-request data */
struct {
size_t contentLength, contentReceived, chunkSize;
@@ -100,7 +104,6 @@ typedef struct {
char *buf;
#ifdef ENABLE_TLS
gnutls_session_t tlsSession;
- gnutls_certificate_credentials_t tlsCred;
#endif
/* first argument is WaitressHandle_t, but that's not defined here */
WaitressHandlerReturn_t (*dataHandler) (void *, char *, const size_t);
@@ -111,7 +114,7 @@ typedef struct {
} request;
} WaitressHandle_t;
-void WaitressInit (WaitressHandle_t *);
+void WaitressInit (WaitressHandle_t *, const char *);
void WaitressFree (WaitressHandle_t *);
bool WaitressSetProxy (WaitressHandle_t *, const char *);
char *WaitressUrlEncode (const char *);
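Review bot: The new prototype `void WaitressInit (WaitressHandle_t *, const char *);` gives no hint what the second argument is or that NULL is accepted. A short comment above it would help callers, e.g. `/* second argument: path to a PEM CA bundle used for TLS verification; NULL selects the built-in default path; ignored without ENABLE_TLS */`. It is also worth stating there that every WaitressInit must now be paired with WaitressFree, since the handle owns the TLS credentials after this change.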
diff --git a/src/main.c b/src/main.c
index bcc7997..0283921 100644
--- a/src/main.c
+++ b/src/main.c
@@ -192,7 +192,7 @@ static void BarMainStartPlayback (BarApp_t *app, pthread_t *playerThread) {
/* setup player */
memset (&app->player, 0, sizeof (app->player));
- WaitressInit (&app->player.waith);
+ WaitressInit (&app->player.waith, NULL);
WaitressSetUrl (&app->player.waith, app->playlist->audioUrl);
/* set up global proxy, player is NULLed on songfinish */
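Review bot: WaitressInit now allocates GnuTLS credentials under ENABLE_TLS, so this per-playback call in BarMainStartPlayback needs a matching WaitressFree before app->player is cleared again. The `memset (&app->player, 0, sizeof (app->player));` just above and the comment "player is NULLed on songfinish" suggest the handle may be zeroed without being freed; if so, each song leaks one credentials object together with the parsed CA bundle. Please confirm the song-finish path calls `WaitressFree (&app->player.waith);` before the structure is zeroed. The function body continues outside the hunk.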
@@ -343,7 +343,7 @@ int main (int argc, char **argv) {
#endif
PianoInit (&app.ph);
- WaitressInit (&app.waith);
+ WaitressInit (&app.waith, NULL);
app.waith.url.host = strdup (PIANO_RPC_HOST);
#ifdef ENABLE_TLS
app.waith.url.tls = true;