Diffstat (limited to 'kike.c')
-rw-r--r-- | kike.c | 44 |
1 files changed, 22 insertions, 22 deletions
@@ -44,9 +44,9 @@ static struct config_item g_config_table[] = { "bind_host", NULL, "Address of the IRC server" }, { "bind_port", "6667", "Port of the IRC server" }, - { "ssl_cert", NULL, "Server TLS certificate (PEM)" }, - { "ssl_key", NULL, "Server TLS private key (PEM)" }, - { "ssl_ciphers", DEFAULT_CIPHERS, "OpenSSL cipher list" }, + { "tls_cert", NULL, "Server TLS certificate (PEM)" }, + { "tls_key", NULL, "Server TLS private key (PEM)" }, + { "tls_ciphers", DEFAULT_CIPHERS, "OpenSSL cipher list" }, { "operators", NULL, "IRCop TLS cert. fingerprints" }, @@ -3106,7 +3106,7 @@ irc_try_read (struct client *c) } static bool -irc_try_read_ssl (struct client *c) +irc_try_read_tls (struct client *c) { if (c->ssl_tx_want_rx) return true; @@ -3174,7 +3174,7 @@ irc_try_write (struct client *c) } static bool -irc_try_write_ssl (struct client *c) +irc_try_write_tls (struct client *c) { if (c->ssl_rx_want_tx) return true; @@ -3212,7 +3212,7 @@ irc_try_write_ssl (struct client *c) } static bool -irc_autodetect_ssl (struct client *c) +irc_autodetect_tls (struct client *c) { // Trivial SSL/TLS autodetection. The first block of data returned by // recv() must be at least three bytes long for this to work reliably, @@ -3251,7 +3251,7 @@ start: } static bool -client_initialize_ssl (struct client *c) +client_initialize_tls (struct client *c) { const char *error_info = NULL; if (!c->ctx->ssl_ctx) @@ -3288,7 +3288,7 @@ on_client_ready (const struct pollfd *pfd, void *user_data) if (!c->initialized) { hard_assert (pfd->events == POLLIN); - if (irc_autodetect_ssl (c) && !client_initialize_ssl (c)) + if (irc_autodetect_tls (c) && !client_initialize_tls (c)) { client_kill (c, NULL); return; 
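Review bot: The keys in `g_config_table` are renamed from `ssl_cert`/`ssl_key`/`ssl_ciphers` to `tls_*` with no fallback for the old names. An existing configuration that still sets `ssl_cert` and `ssl_key` would, as far as this diff shows, leave both lookups in `irc_initialize_tls` (hunk at 3531) NULL and take the `return true` path, so the server would start without TLS and report no error. The `tls_ciphers` lookup in `irc_initialize_ssl_ctx` (hunk at 3510) has the same problem: a customised cipher list would silently fall back to `DEFAULT_CIPHERS`. How the config loader treats unknown keys is not visible here. If it keeps them in the map, I would fail startup on a legacy key, e.g. `if (str_map_find (&ctx->config, "ssl_cert")) { error_set (e, "ssl_cert has been renamed to tls_cert"); return false; }`; otherwise the loader itself should reject or warn about unknown keys.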
@@ -3301,7 +3301,7 @@ on_client_ready (const struct pollfd *pfd, void *user_data) { // Reads may want to write, writes may want to read, poll() may // return unexpected things in `revents'... let's try both - if (!irc_try_read_ssl (c) || !irc_try_write_ssl (c)) + if (!irc_try_read_tls (c) || !irc_try_write_tls (c)) return; } else if (!irc_try_read (c) || !irc_try_write (c)) @@ -3510,7 +3510,7 @@ irc_initialize_ssl_ctx (struct server_context *ctx, SSL_CTX_set_options (ctx->ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); // XXX: perhaps we should read the files ourselves for better messages - const char *ciphers = str_map_find (&ctx->config, "ssl_ciphers"); + const char *ciphers = str_map_find (&ctx->config, "tls_ciphers"); if (!SSL_CTX_set_cipher_list (ctx->ssl_ctx, ciphers)) error_set (e, "failed to select any cipher from the cipher list"); else if (!SSL_CTX_use_certificate_chain_file (ctx->ssl_ctx, cert_path)) 
@@ -3531,33 +3531,33 @@ irc_initialize_ssl_ctx (struct server_context *ctx, } static bool -irc_initialize_ssl (struct server_context *ctx, struct error **e) +irc_initialize_tls (struct server_context *ctx, struct error **e) { - const char *ssl_cert = str_map_find (&ctx->config, "ssl_cert"); - const char *ssl_key = str_map_find (&ctx->config, "ssl_key"); + const char *tls_cert = str_map_find (&ctx->config, "tls_cert"); + const char *tls_key = str_map_find (&ctx->config, "tls_key"); // Only try to enable SSL support if the user configures it; it is not // a failure if no one has requested it. - if (!ssl_cert && !ssl_key) + if (!tls_cert && !tls_key) return true; - if (!ssl_cert) + if (!tls_cert) error_set (e, "no TLS certificate set"); - else if (!ssl_key) + else if (!tls_key) error_set (e, "no TLS private key set"); - if (!ssl_cert || !ssl_key) + if (!tls_cert || !tls_key) return false; bool result = false; char *cert_path = resolve_filename - (ssl_cert, resolve_relative_config_filename); + (tls_cert, resolve_relative_config_filename); char *key_path = resolve_filename - (ssl_key, resolve_relative_config_filename); + (tls_key, resolve_relative_config_filename); if (!cert_path) - error_set (e, "%s: %s", "cannot open file", ssl_cert); + error_set (e, "%s: %s", "cannot open file", tls_cert); else if (!key_path) - error_set (e, "%s: %s", "cannot open file", ssl_key); + error_set (e, "%s: %s", "cannot open file", tls_key); else result = irc_initialize_ssl_ctx (ctx, cert_path, key_path, e); @@ -4019,7 +4019,7 @@ main (int argc, char *argv[]) ctx.signal_event.user_data = &ctx; poller_fd_set (&ctx.signal_event, POLLIN); - if (!irc_initialize_ssl (&ctx, &e) + if (!irc_initialize_tls (&ctx, &e) || !irc_initialize_server_name (&ctx, &e) || !irc_initialize_motd (&ctx, &e) || !irc_initialize_catalog (&ctx, &e) |
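Review bot: The comment kept as context in `irc_initialize_tls` still reads "Only try to enable SSL support", and the function still ends by calling `irc_initialize_ssl_ctx`, so the rename is only partial within this one function. I would change the comment to `// Only try to enable TLS support if the user configures it; it is not`. I would also either rename the helper or note in the commit message that names tied to OpenSSL objects (`ssl_ctx`, `ssl_tx_want_rx`, `ssl_rx_want_tx`) keep their prefix on purpose. The tail of the function after the `irc_initialize_ssl_ctx` call is outside the hunk.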