summaryrefslogtreecommitdiff
path: root/vchat-connection.c
diff options
context:
space:
mode:
Diffstat (limited to 'vchat-connection.c')
-rw-r--r--vchat-connection.c28
1 files changed, 9 insertions, 19 deletions
diff --git a/vchat-connection.c b/vchat-connection.c
index 60dc81f..c0648c8 100644
--- a/vchat-connection.c
+++ b/vchat-connection.c
@@ -84,7 +84,7 @@ int
84vc_connect (const char *server, const char *port) 84vc_connect (const char *server, const char *port)
85{ 85{
86 /* vchat connection x509 store */ 86 /* vchat connection x509 store */
87 vc_x509store_t *vc_store; 87 vc_x509store_t vc_store;
88 88
89 /* pointer to tilde-expanded certificate/keyfile-names */ 89 /* pointer to tilde-expanded certificate/keyfile-names */
90 char *certfile, *cafile; 90 char *certfile, *cafile;
@@ -102,12 +102,7 @@ vc_connect (const char *server, const char *port)
102 return 0; 102 return 0;
103 103
104 /* If SSL is requested, get our ssl-BIO running */ 104 /* If SSL is requested, get our ssl-BIO running */
105 vc_store = vc_init_x509store(); 105 vc_init_x509store(&vc_store);
106 if( !vc_store ) {
107 snprintf (tmpstr, TMPSTRSIZE, getformatstr(FS_ERR), "Out of memory" );
108 writechan (tmpstr);
109 return -1;
110 }
111 106
112 /* get name of certificate file */ 107 /* get name of certificate file */
113 certfile = get_tilde_expanded (CF_CERTFILE); 108 certfile = get_tilde_expanded (CF_CERTFILE);
@@ -116,30 +111,25 @@ vc_connect (const char *server, const char *port)
116 /* get name of key file */ 111 /* get name of key file */
117 char *keyfile = get_tilde_expanded (CF_KEYFILE); 112 char *keyfile = get_tilde_expanded (CF_KEYFILE);
118 113
119 vc_x509store_setflags(vc_store, VC_X509S_USE_CERTIFICATE); 114 vc_x509store_setcertfile(&vc_store, certfile);
120 vc_x509store_setcertfile(vc_store, certfile); 115 vc_x509store_set_pkeycb(&vc_store, (vc_askpass_cb_t)passprompt);
121 116
122 vc_x509store_set_pkeycb(vc_store, (vc_askpass_cb_t)passprompt);
123 /* if we don't have a key file, the key may be in the cert file */ 117 /* if we don't have a key file, the key may be in the cert file */
124 vc_x509store_setkeyfile(vc_store, keyfile ? keyfile : certfile); 118 vc_x509store_setkeyfile(&vc_store, keyfile ? keyfile : certfile);
125 119
126 free(keyfile); 120 free(keyfile);
127 free(certfile); 121 free(certfile);
128 } 122 }
129 123
130 vc_x509store_setflags(vc_store, VC_X509S_SSL_VERIFY_PEER);
131
132 /* get name of ca file */ 124 /* get name of ca file */
133 cafile = get_tilde_expanded (CF_CAFILE); 125 cafile = get_tilde_expanded (CF_CAFILE);
134 if (cafile && !access(cafile, F_OK)) { 126 if (cafile && !access(cafile, F_OK))
135 vc_x509store_setflags(vc_store, VC_X509S_NODEF_CAFILE); 127 vc_x509store_setcafile(&vc_store, cafile);
136 vc_x509store_setcafile(vc_store, cafile);
137 }
138 free(cafile); 128 free(cafile);
139 129
140 /* upgrade our plain BIO to ssl */ 130 /* upgrade our plain BIO to ssl */
141 int result = vc_tls_connect( serverfd, vc_store ); 131 int result = vc_tls_connect( serverfd, &vc_store );
142 vc_cleanup_x509store(vc_store); 132 vc_cleanup_x509store(&vc_store);
143 133
144 if (result) { 134 if (result) {
145 close(serverfd); 135 close(serverfd);