X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=privcache.c;h=d790c30ad07402a1325c8340a3fdd169618bcaa7;hb=9eba4abfe44617aa78f625d900fe6bc2c58bb4cb;hp=ba5ddc903a0ee4e5fdb4be83d18236bb45048938;hpb=7b3937db4102e6b2adc0fc861965d0f9d4da2d8b;p=secnet.git
diff --git a/privcache.c b/privcache.c
index ba5ddc9..d790c30 100644
--- a/privcache.c
+++ b/privcache.c
@@ -21,6 +21,7 @@
 #include "util.h"
 #define DEFAULT_SIZE 5
+#define DEFAULT_MAXPRIV_BYTES 4095
 struct ent {
 struct sigkeyid id;
@@ -34,14 +35,12 @@ struct privcache {
 struct pathprefix_template path;
 struct ent *ents;
 struct buffer_if databuf;
- struct hash_if *defhash;
 };
 static bool_t uncached_load_file(
 const struct sigscheme_info *scheme,
 const char *path,
 struct buffer_if *databuf,
- struct hash_if *defhash,
 struct sigprivkey_if **sigpriv_r,
 closure_t **closure_r,
 struct log_if *log);
@@ -69,7 +68,6 @@ static struct sigprivkey_if *uncached_get(struct privcache *st,
 bool_t ok=uncached_load_file(scheme,
 path,
 &st->databuf,
- st->defhash,
 &sigpriv,
 &cl,
 log);
@@ -80,7 +78,6 @@ static bool_t uncached_load_file(
 const struct sigscheme_info *scheme,
 const char *path,
 struct buffer_if *databuf,
- struct hash_if *defhash,
 struct sigprivkey_if **sigpriv_r,
 closure_t **closure_r,
 struct log_if *log)
@@ -122,15 +119,6 @@ static bool_t uncached_load_file(
 ok=scheme->loadpriv(scheme, databuf, &sigpriv, closure_r, log, loc);
 if (!ok) goto error_out; /* loadpriv will have logged */
- if (sigpriv->sethash) {
- if (!defhash) {
- slilog(log,M_ERR,
- "private key %s requires `hash' config key for privcache to load",
- path);
- goto error_out;
- }
- sigpriv->sethash(sigpriv->st,defhash);
- }
 *sigpriv_r=sigpriv;
 out:
@@ -193,7 +181,6 @@ static list_t *privcache_apply(closure_t *self, struct cloc loc,
 st->ents=0;
 st->path.buffer=0;
 st->used=st->alloc=0;
- st->defhash=0;
 item=list_elem(args,0);
 if (!item || item->type!=t_dict)
@@ -207,18 +194,45 @@ static list_t *privcache_apply(closure_t *self, struct cloc loc,
 st->used=0;
 int32_t buflen=dict_read_number(dict,"privkey-max",False,"privcache",loc,
- 4095);
+ DEFAULT_MAXPRIV_BYTES);
 buffer_new(&st->databuf,buflen+1);
 const char *path=dict_read_string(dict,"privkeys",True,"privcache",loc);
 pathprefix_template_init(&st->path,path,KEYIDSZ*2);
- st->defhash=find_cl_if(dict,"hash",CL_HASH,False,"site",loc);
-
 return new_closure(&st->cl);
 }
+static list_t *loadprivate_apply(closure_t *self, struct cloc loc,
+ dict_t *context, list_t *args)
+{
+ CL_GET_STR_ARG(0,algname,"algorithm name");
+ CL_GET_STR_ARG(1,path,"private key path");
+
+ const struct sigscheme_info *sch=sigscheme_lookup(algname);
+ if (!sch) cfgfatal(algname_i->loc,"load-private",
+ "unknown algorithm `%s'",algname);
+
+ struct buffer_if databuf;
+ buffer_new(&databuf,DEFAULT_MAXPRIV_BYTES);
+ BUF_ALLOC(&databuf,"load-private data buf");
+
+ struct cfgfile_log log;
+ cfgfile_log_init(&log,loc,"load-private");
+
+ struct sigprivkey_if *sigpriv;
+ closure_t *cl;
+ bool_t ok=
+ uncached_load_file(sch,path,&databuf,&sigpriv,&cl,&log.log);
+ if (!ok) cfgfatal(loc,"load-private","private key loading failed");
+
+ BUF_FREE(&databuf);
+ buffer_destroy(&databuf);
+ return new_closure(cl);
+}
+
 void privcache_module(dict_t *dict)
 {
 add_closure(dict,"priv-cache",privcache_apply);
+ add_closure(dict,"load-private",loadprivate_apply);
 }
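Review bot: The new `loadprivate_apply` sizes its buffer with `buffer_new(&databuf,DEFAULT_MAXPRIV_BYTES)`, while `privcache_apply` in the same hunk allocates `buflen+1` for the same default, so the two loaders may accept key files of different maximum size. The body of `uncached_load_file` is not shown in this diff, so whether it needs the extra byte is unconfirmed; if it does, `buffer_new(&databuf,DEFAULT_MAXPRIV_BYTES+1);` keeps both paths consistent. The buffer holds private-key file contents until `BUF_FREE`/`buffer_destroy`, and it is not visible here whether those helpers clear memory; if they do not, the data should be wiped before release. A short comment above the function naming its two arguments (algorithm name, key path) and stating that a load failure is fatal at configuration time would document the new `load-private` closure.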