diff --git a/ca/mesalab-ca-cert.cer b/ca/mesalab-ca-cert.cer deleted file mode 100644 index d0d32af..0000000 --- a/ca/mesalab-ca-cert.cer +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDpTCCAo2gAwIBAgIGDdgTuLYiMA0GCSqGSIb3DQEBCwUAMCoxEzARBgNVBAMM -Cm1lc2FsYWItY2ExEzARBgNVBAoMCm1lc2FsYWItY2EwHhcNMTgwMzI1MTY1MTM2 -WhcNMjEwMzI2MTY1MTM2WjAqMRMwEQYDVQQDDAptZXNhbGFiLWNhMRMwEQYDVQQK -DAptZXNhbGFiLWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnLT -pA+2Xef0VwKohbmr7ETuYcBm5YypXuANlEYApxhSdCvJZaGWznlDPL4EANTzM3g/ -3S3w8ms5p4B+uZnUE44EfmGl/UmmoL09k2/mj8/auOgdp0LTEOIpVzco8eIF2iGP -G3jYwscDvOAjxv/k6l/YBohbG8oH+wCVz0bI1j97VxiBx5M/frrZtLqRTIedtOAB -5S8VgtCa/rhik9aC8YA14UAnQSmVMsAZfuThSlCPb8h1ZnCfb1xJ7joHvbWh+L8O -29oiWzBEN/uIw/qjiWQ1aVCES8kJk93+gpwG5qNbq8DGupJzTugWztzCZogMMotF -L/QroMoFaPScBx6yewIDAQABo4HQMIHNMA8GA1UdEwEB/wQFMAMBAf8wEQYJYIZI -AYb4QgEBBAQDAgIEMHgGA1UdJQRxMG8GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYB -BQUHAwQGCCsGAQUFBwMIBgorBgEEAYI3AgEVBgorBgEEAYI3AgEWBgorBgEEAYI3 -CgMBBgorBgEEAYI3CgMDBgorBgEEAYI3CgMEBglghkgBhvhCBAEwDgYDVR0PAQH/ -BAQDAgEGMB0GA1UdDgQWBBSQJL1m7FTdhYC0Odubg/8ebnloLTANBgkqhkiG9w0B -AQsFAAOCAQEAaVPocMiqwZK/0tROUz/W23DwGC+npZOyhAuGRze5YBV+zpVBhPv5 -8MeDkUr5jcoN8Papt5uq+6EHv+8fbVPTWBQRNuJD/WZ+CLkWTmDCyc+vbdXfsrRD -i135Q+Q72oyEsLUbZMaYvNQ2tJ4Pb0Qjwcc5GSDXJJFhwqIPa9eYiZwRcg/cUvps -ATgdZ5mZl1AfaINtXO1Y9Ic8PJcUotPSJ+YoG08dkAYrvo9Jc/n63ZOvnj0HVqBA -JgWKjwoxNv1BiU2vEI6KBGO76hBidvcBHSnpvKSfiKwbMSp3Kai/+MHnVBfgp3yo -WgeGkqyqiYEAZImAh/ps02XqtPWj9Sl2zQ== ------END CERTIFICATE----- diff --git a/ca/mesalab-ca-cert.key b/ca/mesalab-ca-cert.key deleted file mode 100644 index 9522943..0000000 --- a/ca/mesalab-ca-cert.key +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDCctOkD7Zd5/RX -AqiFuavsRO5hwGbljKle4A2URgCnGFJ0K8lloZbOeUM8vgQA1PMzeD/dLfDyazmn -gH65mdQTjgR+YaX9SaagvT2Tb+aPz9q46B2nQtMQ4ilXNyjx4gXaIY8beNjCxwO8 -4CPG/+TqX9gGiFsbygf7AJXPRsjWP3tXGIHHkz9+utm0upFMh5204AHlLxWC0Jr+ -uGKT1oLxgDXhQCdBKZUywBl+5OFKUI9vyHVmcJ9vXEnuOge9taH4vw7b2iJbMEQ3 -+4jD+qOJZDVpUIRLyQmT3f6CnAbmo1urwMa6knNO6BbO3MJmiAwyi0Uv9CugygVo -9JwHHrJ7AgMBAAECggEAQ/ZSVpNPUD8UPZ0mPacJmgj1sKDI1g513D0/QcW90KlF -mGj9eVIjHYNwprhbOdc0MZcj6zB1eKVVf1//6usDHtqSY4HJvF+Tp7a84N1JnpYt -gldOlflbQBlsDZmv6+rt1LHKDPYN/PYGLmvA1Xr3DZv2K0JZZbsVUvt/YPUCmS72 -/Br1keFlvKeKdFRxFHznkLgE/5ZjtcxrwFc6pbp4LFyG1SzbQ655+XeXR/08Khi4 -Lsj2Xf9P7Yk8hgOVhx8+GRiR33Zoi5SiKvvnhXkR6QWzUvvnp6pqNbTDy2os9OFH -nmlyMbTSbm9gk1JHw3xMbrPLtxx9T3tkZGhox33UoQKBgQDgLbK6vp9eZZQyF2is -42YFYVgC2g3QDd+e34pN+1q581DkTJ75t3e/CosX1R6ApDnDmkfQDhLRlPmkCrH0 -Z+M7cjDzhPbDGcwgO/ag21osre6zWWJsDK6e64T1a3RmA4W13Nmyu+UCZSp/k0ng -Te+jzdar8HZpeCu7FtxXrfdmIwKBgQDeDMmPueeF1WMa6KMJknA1CrwUgYlZ4nc8 -wYNjSYAq0b2k73M9OR4oxYEm843HrXpOIXFMpA38M7yMSBIVURMYtrd4TUvBwwVY -/GBA94d1g91xKAMTiPRDRYpCvB1R56xLQ0ddXULAm2Xvt6QxrC+1/TZNzJOAn0z/ -JwNauVQLyQKBgQC5J+VT6jeU7s8M5Fq3WQYdcX4QtOrtqVfGT5lauT0BEp8AQOyZ -EdiceGfTolmUJI/1J4sio00VvzbFL3Q1ikya/8DAkVSCZd87zGryBtoexvW9OhlZ -ZswfRCVH0p2L2GLqh2NjBV+rr8T/I7bDxXslTtB8qJoUmIV9++63mF8bAwKBgQC+ -GKBuZS8qSlZ/8O2zAiUBo+EEhSk7RD/kSZ7b307UWZ9LlptHrKB/MyawXA3jBkcQ -oFzIyiIW6YvfZMvmZ/Q7UiGb4kCa7wSi+9zDgaX8Gxn3B9QqYzMKbHxDSZyoQ/gi -rsRnz7GYBvGr2cG9rLVjzhUxYZRdpwNZ5OJgRw0G0QKBgQC0nQiEHJ+c5PV2JcSB -S5ux2yjbB0TcM7iOLvCy5tpd8w5paGsJHqNR93o/lB82A6nn7QO1vj6M3CU04SwC -X74noxaiys0huVTMfJ3PrAm2AEE9jWlkI2X2F7s6sraSdcKKHlRQv+SI5X936nxF -2W/lCSj77xdiebatxFUlJT7O7g== ------END PRIVATE KEY----- \ No newline at end of file diff --git a/ca/mesalab-def-cert.cer b/ca/mesalab-def-cert.cer deleted file mode 100644 index 504b169..0000000 --- a/ca/mesalab-def-cert.cer +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICVzCCAcACCQCJ9SZAOzkYozANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJD -TjETMBEGA1UECAwKbXlwcm92aW5jZTEPMA0GA1UEBwwGbXljaXR5MRcwFQYDVQQK -DA5teW9yZ2FuaXphdGlvbjEQMA4GA1UECwwHbXlncm91cDEQMA4GA1UEAwwHZGVm -YXVsdDAeFw0xODA5MDcwNzE3NDlaFw0xOTA5MDcwNzE3NDlaMHAxCzAJBgNVBAYT -AkNOMRMwEQYDVQQIDApteXByb3ZpbmNlMQ8wDQYDVQQHDAZteWNpdHkxFzAVBgNV -BAoMDm15b3JnYW5pemF0aW9uMRAwDgYDVQQLDAdteWdyb3VwMRAwDgYDVQQDDAdk -ZWZhdWx0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+ciLpiYlxCSqPnIQH -J0rcJpb0m3JYfAfTdkZ1JG/BLXjfsHQQfHgT3pDSCwnEcV37XGH34gUPjcZCGfTP -kDyR8sitT/UQziVVbeY9OaFvinFhAdVSmsTW3F8uzsbXXvhEptRbrpo3IfNZK+Rc -dYHzXg1eIvlsx3k4E0+TaLqR1QIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAHtjn3yF -84bNsot3XVexrwayhzVaG/HAWTuhA6QBKaU1SzOSBpeWcxosES7MdkrGzfvdsRBL -OBxJMeTudJXtuQFU6VKfVgJWgMeMec+TgYTX5zGlrv0FTly3FjSoB9x7MFj6uweP -p4L2k1gLRVZJ8eIb5FE17rjVXowVjMWXKa6M ------END CERTIFICATE----- diff --git a/ca/mesalab-def-cert.key b/ca/mesalab-def-cert.key deleted file mode 100644 index e3bab53..0000000 --- a/ca/mesalab-def-cert.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQC+ciLpiYlxCSqPnIQHJ0rcJpb0m3JYfAfTdkZ1JG/BLXjfsHQQ -fHgT3pDSCwnEcV37XGH34gUPjcZCGfTPkDyR8sitT/UQziVVbeY9OaFvinFhAdVS -msTW3F8uzsbXXvhEptRbrpo3IfNZK+RcdYHzXg1eIvlsx3k4E0+TaLqR1QIDAQAB -AoGBAIMFwz8ogIZj6AQlii/huH79jZ171I9LxZaWKKMvDjO5NQ+wNimheHszBC99 -qJqd5CqqxDvmI9UvlNalROgIM6KFpVXcmqKJ6GCP3DaY4rLRPwNff1CVKARPNOPp -Zy5/QiwVu42plw7EOqsd4xzyGny5o1NSQrRcsxecroBULa2BAkEA4RpLAnGOSRQ/ -ApPyt/9CIVH453LfCwa0U2EYVDq5f21bKged194c53Jp6R9VhGLGwpF/BuoTQkbA -KM8fSyMQewJBANiWECsUrzCE8iAe1hsEZ56ep1bfLjjBcUGgl05VeWhxDDxwPhUH -AHSXMful/NQZo65hFvKCgMS++wGKpSgM3e8CQDZcli7R463MYOcreZtr3rmTRUwH -1suf496a/TgiMngOncyJqFngfxR58g/ljE57WErWvlmaH+qKkY+JbaJEpo8CQEmI -GREnQpssZ6+0CGi/xBY8Mv/xYZXvRu5LAVOc/U0SJF9YlBs7d1IeCuAu6HlyAvov -CEVpPSKO3FUXpx7Dz40CQGIDKpUn5iJcy56Sq235t5TS8McaBy0NUMo7VGSHmwcf -J+GW2u8GK6l6iVyInnUwwhmXzVf8oij6rjoc12xvtzE= ------END RSA PRIVATE KEY----- diff --git a/ca/mesalab-insec-cert.cer b/ca/mesalab-insec-cert.cer deleted file mode 100644 index 67afe2f..0000000 --- a/ca/mesalab-insec-cert.cer +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDizCCAnOgAwIBAgIJAK8/bkwMJ0lJMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV -BAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQg -Q29tcGFueSBMdGQxGDAWBgNVBAMMD21lc2FsYWItdW50cnVzdDAeFw0xODEwMjMx -MTI2MzNaFw0yODEwMjAxMTI2MzNaMFwxCzAJBgNVBAYTAlhYMRUwEwYDVQQHDAxE -ZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQxGDAWBgNV -BAMMD21lc2FsYWItdW50cnVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBANqgqDIsu2/lv+kU/HXP/AeCdBZiHKnLz3GP5D7ZRTmLJuTu3sqsabNjG0HB -uqwIHNrxmN0upm+5AqaXVsCRoT7APW6DuGCNORWuUlS7GR4uMvYST6InGdMGE/4z -40Wi4Z3aSikedWWzdNPA576LhH1UJ1M/hsaAnhFEa03WiHdzRVw2zyq1rCO3kIL6 -kzYXN06Tb+TU9DV9P7VY2vcUiBEIJX1Sy7NKRUpHRI73SAc6WIgUzMKaZhjajfEV -9lAjPRS5pE4SFQ0sxSVrKG/GLfcwWyLkmVEsZFdOnFUgMI6WAXS93vvVSpl/ULET -hmY+ghE2MQXcLPSAT7uw/x21/nMCAwEAAaNQME4wHQYDVR0OBBYEFCNbrgeYEDsO -uDZMtqpC3vUe6qnvMB8GA1UdIwQYMBaAFCNbrgeYEDsOuDZMtqpC3vUe6qnvMAwG -A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAKvFa44WkG8dFlCv1N+ZGCz1 -/sJ89/02OpZICHGTmp7q8HFbRCmUAV6oYS2wae5fyueOZwbLBhxWKJ8KSXHmgqzS -Kox4uvNImJUbNbJ+6/Wxbb8Brf7Ev3DAZmVmsEpHcrM3k2Ww0YfU0HqrovUw32kk -TPiFsoKJz1G0FH2fNSnWRMnOPDj1wm4Kx/225da4c78HSTEySDpkTkiJM5LoN+tp -JGg6I9OUbbw7sANiN3IJYV5T7jkBDPpmzirN1+dXruDG8Xyob6I5dPiS3iqwAqQL -RiueQbuSa0F3/koUbZOs4jIiWGObVK+w1WS9/+ESxMGC5bMwIMo1jkyexj5MBQE= ------END CERTIFICATE----- diff --git a/ca/mesalab-insec-cert.key b/ca/mesalab-insec-cert.key deleted file mode 100644 index faae6de..0000000 --- a/ca/mesalab-insec-cert.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEoQIBAAKCAQEA2qCoMiy7b+W/6RT8dc/8B4J0FmIcqcvPcY/kPtlFOYsm5O7e -yqxps2MbQcG6rAgc2vGY3S6mb7kCppdWwJGhPsA9boO4YI05Fa5SVLsZHi4y9hJP -oicZ0wYT/jPjRaLhndpKKR51ZbN008DnvouEfVQnUz+GxoCeEURrTdaId3NFXDbP -KrWsI7eQgvqTNhc3TpNv5NT0NX0/tVja9xSIEQglfVLLs0pFSkdEjvdIBzpYiBTM -wppmGNqN8RX2UCM9FLmkThIVDSzFJWsob8Yt9zBbIuSZUSxkV06cVSAwjpYBdL3e -+9VKmX9QsROGZj6CETYxBdws9IBPu7D/HbX+cwIDAQABAoIBAHjGP6RYKcOK/BVa -zoyWtPfBDThAQu1Z9eMaRlCh3igHwxi9DL6RuGKs4SXWS7U1VhttU7D8UF1vqxM0 -j2waByWPNWCTy4sq+NoNTtYX9axCgUyGmQ9O4mk89lZ7e5XAgTqemFFWziu8k1FX -Q65zjGFf18mZUm7eJnQLg+ugFAtH0Si0iCcwSdou4Lnq5xxQ3FMqi+2DDOZ41mbN -cOdms76PVWvxj+2/zIDxsQUCuGzdUbcQR8CXOQpZ4NQ/XKWytQIToaX/9YK7Ie9b -BkO4Gis7pyaH0usRSaAA1KB5LQWAjhm5wg1E0OoP2fi/L4Xc7aNLN5pe71+zPzKU -mCYbUqECgYEA7oJ8+OzYAL2YwvJDfLlAI1Raor75umjwe85hJ80LeAh+LVnfWbnX -xcZf31lSpi+ZBkKBhO7lYFfrDKGSF9KX1/wVVBC/koozeqCSLS8P5Vv7MNYsODeV -bXlhLm0qKfxBXQVaSCpUIFyaguDaeaviwZ/doIPIdrwoSkcB43yN9acCgYEA6qjs -fN2cm8v+ps9zvGh5ytWaE7dp9Xtj6q6u5gNfrL87n02SwbZb8I/TBFExlyAjcEdQ -mEoOKaKYJCClmxTtCn8cYbUmpP/QyJBaOoiJfxYW6aBrmxcgpZGvK+Gyjq8yl0uN -0agFCeOCqFxkGKgOK/pDeOhrYWCS3DReBrVa4lUCgYEAyPHZNqPcrGsQfBY+M6Oj -3OAh6IG7xojJK5XKFw1Sv1NwcucIHQFNQEyM05De6DKr2zFHC+d2C0CnQKITgsyj -r42rroLZ1C1ph8Qmw7ilzNg8/n1DDi4OUAh2jvXcEzl7HFL5KFm5PPaoGuI0T1Q4 -nGcDA0xkJV0LGOFQPwfeVnsCfz1p+Hq1hUdBHGSL5r5omXd8b9a5KgIVSREipqOM -Pn33jqMiqkYIdAeBnLiEh3YF80BvaahxuUMsSqUp5i2wTFly6vqnbnXAfeP/451u -Ho4kOdrrIT51zxWGC1Jwv0qYj6UJIRS95JOx94AYrhnF4e+gkAgUzAWwQL9g9TrM -O/0CgYB2CnxEsqBlVFiL5+cnUAjax1Z7aQmf+k1iis4VQoBmN050uFHbkkMO4QDn -PF2KIrIrgUBYTvLdcn8mjKYkPcCQvTMT5aGEhyfPUYLZ/KU1ctHKb/ZnEBl+Ql7H -GdK4sVa4K7REJEj1fZCLThVol6HHhjItSks7qJ3y8SMPK5pDzg== ------END RSA PRIVATE KEY----- diff --git a/src/cert_conf.c b/src/cert_conf.c index 5d7835c..cbf2171 100644 --- a/src/cert_conf.c +++ b/src/cert_conf.c @@ -21,7 +21,8 @@ struct config_bucket_t certConfig = { .thread_nu = 1, .expire_after = 30, - .def_path = "/home/test", + .ca_path = "./cert/mesalab-ca.pem", + .uninsec_path = "./cert/mesalab-ca-untrust.pem", .addr_t = {9995, 6379, "0.0.0.0", 0, 6379, "0.0.0.0"}, .keyring = {0, 0, NULL, NULL}, }; @@ -47,11 +48,19 @@ static int load_system_config(char *config) mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Reading the number of valid time failed"); } - xret = MESA_load_profile_string_nodef(config, "CONFIG", "def-ca-path", rte->def_path, 128); - if (xret < 0 && !rt_dir_exsit(rte->def_path)){ - mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Read the def path failed or the (%s) does not exist", - rte->def_path); + xret = MESA_load_profile_string_nodef(config, "CONFIG", "ca_path", rte->ca_path, 128); + if (xret <0 && rt_file_exsit(rte->ca_path)){ + mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Read the ca path failed or the (%s) does not exist", + rte->ca_path); goto finish; + + } + xret = MESA_load_profile_string_nodef(config, "CONFIG", "untrusted_ca_path", rte->uninsec_path, 128); + if (xret <0 && rt_file_exsit(rte->uninsec_path)){ + mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Read the untrusted ca path failed or the (%s) does not exist", + rte->ca_path); + goto finish; + } finish: return xret; diff --git a/src/cert_conf.h b/src/cert_conf.h index f7e16c8..7da297c 100644 --- a/src/cert_conf.h +++ b/src/cert_conf.h @@ -72,7 +72,8 @@ struct ntc_maat_t{ struct config_bucket_t{ unsigned int thread_nu; unsigned int expire_after; - char def_path[128]; + char ca_path[128]; + char uninsec_path[128]; struct ntc_maat_t maat_t; struct _initer_addr_t addr_t; struct key_ring_list keyring; diff --git a/src/cert_session.c b/src/cert_session.c index 9262754..77a3474 100644 --- a/src/cert_session.c +++ b/src/cert_session.c @@ -55,9 +55,6 @@ #define LOCAL_USER_DER 2 #define LOCAL_USER_P12 3 -#define DEFAULT_PRIVATEKEY_NAME "mesalab-ca-cert.key" -#define DEFAULT_CA_CERTIFICATE "mesalab-ca-cert.cer" - #define MESALAB_INSEC_CERT "mesalab-insec-cert.cer" #define MESALAB_INSEC_KEY "mesalab-insec-cert.key" @@ -1293,8 +1290,7 @@ finish: return 0; } -int x509_privatekey_init(char *private_file, char *public_file, - EVP_PKEY **key, X509 **root) +int x509_privatekey_init(char *ca_file, EVP_PKEY **key, X509 **root) { int xret = -1; FILE *fp; RSA *rsa = NULL; @@ -1309,9 +1305,9 @@ int x509_privatekey_init(char *private_file, char *public_file, goto pkey_free; } - fp = fopen(private_file, "r"); + fp = fopen(ca_file, "r"); if (NULL == fp){ - mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to open file(%s)", private_file); + mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to open file(%s)", ca_file); RSA_free(rsa); goto pkey_free; } @@ -1323,9 +1319,9 @@ int x509_privatekey_init(char *private_file, char *public_file, fclose(fp); BIO *in; - in = BIO_new_file(public_file, "r"); + in = BIO_new_file(ca_file, "r"); if (!in){ - mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to open file(%s)", public_file); + mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to open file(%s)", ca_file); goto pkey_free; } @@ -1590,7 +1586,7 @@ static int task_private_init(struct event_base *base, libevent_thread *info) { int xret = -1; - char key_path[256] = {0}, cert_path[256] = {0}; + struct config_bucket_t *config = cert_default_config(); /* Initialize the redis connection*/ xret = redis_rsync_init(base, &info->cl_ctx); @@ -1604,22 +1600,14 @@ task_private_init(struct event_base *base, libevent_thread *info) } /* Initialize the X509 CA*/ - snprintf(key_path, sizeof(key_path), "%s/%s", cert_default_config()->def_path, DEFAULT_PRIVATEKEY_NAME); - snprintf(cert_path, sizeof(cert_path), "%s/%s", cert_default_config()->def_path, DEFAULT_CA_CERTIFICATE); - - xret = x509_privatekey_init(key_path, cert_path, &info->def.key, &info->def.root); + xret = x509_privatekey_init(config->ca_path, &info->def.key, &info->def.root); if (xret < 0 || !(info->def.key) || !(info->def.root)){ mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to initialize the x509 certificate"); goto finish; } /* Initialize the insec CA*/ - memset(key_path, 0, 256); - memset(cert_path, 0, 256); - snprintf(key_path, sizeof(key_path), "%s/%s", cert_default_config()->def_path, MESALAB_INSEC_KEY); - snprintf(cert_path, sizeof(cert_path), "%s/%s", cert_default_config()->def_path, MESALAB_INSEC_CERT); - - xret = x509_privatekey_init(key_path, cert_path, &info->def.insec_key, &info->def.insec_root); + xret = x509_privatekey_init(config->uninsec_path, &info->def.insec_key, &info->def.insec_root); if (xret < 0 || !(info->def.key) || !(info->def.root)){ mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to initialize the insec x509 certificate"); goto finish; @@ -1740,7 +1728,7 @@ redis_link_detection(uint32_t __attribute__((__unused__)) uid, if(info->cl_ctx->err != 0){ if (info->sync) redisFree(info->sync); - + xret = redis_sync_init(&info->sync); if (xret < 0 || !info->sync){ mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "[%d]trying to connect sync redis failed", tid); diff --git a/src/cert_store.c b/src/cert_store.c index c97b756..e4dd4aa 100644 --- a/src/cert_store.c +++ b/src/cert_store.c @@ -93,7 +93,8 @@ void cert_preview () printf("%30s:%45d\n", "Maat Redis Port", rte->addr_t.maat_port); printf("%30s:%45d\n", "Maat Redis index", rte->addr_t.dbindex); printf("%30s:%45d\n", "Libevent Port", rte->addr_t.e_port); - printf("%30s:%45s\n", "Def Cert Path", rte->def_path); + printf("%30s:%45s\n", "Cert Path", rte->ca_path); + printf("%30s:%45s\n", "Uninsec cert Path", rte->uninsec_path); printf("%30s:%45s\n", "Log Directory", logging_sc_lid.run_log_path); printf("%30s:%45s\n", "Table Info", rte->maat_t.info_path); if (rte->maat_t.maat_json_switch == 1){