#include "util.h"
#define DEFAULT_SIZE 5
+#define DEFAULT_MAXPRIV_BYTES 4095
struct ent {
struct sigkeyid id;
struct pathprefix_template path;
struct ent *ents;
struct buffer_if databuf;
- struct hash_if *defhash;
};
static bool_t uncached_load_file(
const struct sigscheme_info *scheme,
const char *path,
struct buffer_if *databuf,
- struct hash_if *defhash,
struct sigprivkey_if **sigpriv_r,
closure_t **closure_r,
struct log_if *log);
bool_t ok=uncached_load_file(scheme,
path,
&st->databuf,
- st->defhash,
&sigpriv,
&cl,
log);
const struct sigscheme_info *scheme,
const char *path,
struct buffer_if *databuf,
- struct hash_if *defhash,
struct sigprivkey_if **sigpriv_r,
closure_t **closure_r,
struct log_if *log)
ok=scheme->loadpriv(scheme, databuf, &sigpriv, closure_r, log, loc);
if (!ok) goto error_out; /* loadpriv will have logged */
- if (sigpriv->sethash) {
- if (!defhash) {
- slilog(log,M_ERR,
- "private key %s requires `hash' config key for privcache to load",
- path);
- goto error_out;
- }
- sigpriv->sethash(sigpriv->st,defhash);
- }
*sigpriv_r=sigpriv;
out:
st->ents=0;
st->path.buffer=0;
st->used=st->alloc=0;
- st->defhash=0;
item=list_elem(args,0);
if (!item || item->type!=t_dict)
st->used=0;
int32_t buflen=dict_read_number(dict,"privkey-max",False,"privcache",loc,
- 4095);
+ DEFAULT_MAXPRIV_BYTES);
buffer_new(&st->databuf,buflen+1);
const char *path=dict_read_string(dict,"privkeys",True,"privcache",loc);
pathprefix_template_init(&st->path,path,KEYIDSZ*2);
- st->defhash=find_cl_if(dict,"hash",CL_HASH,False,"site",loc);
-
return new_closure(&st->cl);
}
+static list_t *loadprivate_apply(closure_t *self, struct cloc loc,
+ dict_t *context, list_t *args)
+{
+ CL_GET_STR_ARG(0,algname,"algorithm name");
+ CL_GET_STR_ARG(1,path,"private key path");
+
+ const struct sigscheme_info *sch=sigscheme_lookup(algname);
+ if (!sch) cfgfatal(algname_i->loc,"load-private",
+ "unknown algorithm `%s'",algname);
+
+ struct buffer_if databuf;
+ buffer_new(&databuf,DEFAULT_MAXPRIV_BYTES);
+ BUF_ALLOC(&databuf,"load-private data buf");
+
+ struct cfgfile_log log;
+ cfgfile_log_init(&log,loc,"load-private");
+
+ struct sigprivkey_if *sigpriv;
+ closure_t *cl;
+ bool_t ok=
+ uncached_load_file(sch,path,&databuf,&sigpriv,&cl,&log.log);
+ if (!ok) cfgfatal(loc,"load-private","private key loading failed");
+
+ BUF_FREE(&databuf);
+ buffer_destroy(&databuf);
+ return new_closure(cl);
+}
+
void privcache_module(dict_t *dict)
{
add_closure(dict,"priv-cache",privcache_apply);
+ add_closure(dict,"load-private",loadprivate_apply);
}
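Review bot: In `loadprivate_apply` the data buffer is created with `buffer_new(&databuf,DEFAULT_MAXPRIV_BYTES)`, while the priv-cache path earlier in this hunk allocates `buflen+1` for the same default, so the two loaders do not get the same capacity for a key file. The body of `uncached_load_file` is outside this hunk; if it relies on the extra byte to detect an oversize file or to terminate the data, this line should be `buffer_new(&databuf,DEFAULT_MAXPRIV_BYTES+1);`. The buffer also still holds the raw private-key file contents when `BUF_FREE` and `buffer_destroy` run, and nothing visible clears it first. Unless `buffer_destroy` already does so, wipe the contents before freeing with a clear the compiler cannot elide (for example `explicit_bzero` where available). A one-line comment above the function would help too, such as `/* load-private: loads one private key (algorithm name, path) at config time; failure is fatal */`.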