From a0e4f1e0f5989505f4aab10d64194b635f9af53c Mon Sep 17 00:00:00 2001 From: Lars-Dominik Braun Date: Fri, 11 Nov 2011 14:45:21 +0100 Subject: waitress: Fingerprint check Reduces memory usage, protects against 0wned CA's and avoids ca-bundle confusion. Closes #175 --- src/main.c | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) (limited to 'src/main.c') diff --git a/src/main.c b/src/main.c index e14a88a..afa75da 100644 --- a/src/main.c +++ b/src/main.c @@ -192,7 +192,7 @@ static void BarMainStartPlayback (BarApp_t *app, pthread_t *playerThread) { /* setup player */ memset (&app->player, 0, sizeof (app->player)); - WaitressInit (&app->player.waith, NULL); + WaitressInit (&app->player.waith); WaitressSetUrl (&app->player.waith, app->playlist->audioUrl); /* set up global proxy, player is NULLed on songfinish */ @@ -328,7 +328,6 @@ int main (int argc, char **argv) { static BarApp_t app; /* terminal attributes _before_ we started messing around with ~ECHO */ struct termios termOrig; - WaitressReturn_t wRet; memset (&app, 0, sizeof (app)); @@ -355,19 +354,10 @@ int main (int argc, char **argv) { app.settings.keys[BAR_KS_HELP]); } - if ((wRet = WaitressInit (&app.waith, app.settings.tlsCaPath)) != WAITRESS_RET_OK) { - if (wRet == WAITRESS_RET_TLS_TRUSTFILE_ERR) { - BarUiMsg (&app.settings, MSG_ERR, "Can't load root certificates. " - "Please check the tls_ca_path setting in your config file.\n"); - } else { - BarUiMsg (&app.settings, MSG_ERR, "Can't initialize HTTP library: " - "%s\n", WaitressErrorToStr (wRet)); - } - goto die; - } - + WaitressInit (&app.waith); app.waith.url.host = strdup (PIANO_RPC_HOST); app.waith.url.tls = true; + app.waith.tlsFingerprint = app.settings.tlsFingerprint; /* init fds */ FD_ZERO(&app.input.set); @@ -388,7 +378,6 @@ int main (int argc, char **argv) { BarMainLoop (&app); -die: if (app.input.fds[1] != -1) { close (app.input.fds[1]); } -- cgit v1.2.3