1.增加配置文件对默认证书读取配置项

2.删除默认证书路径下无效证书 3.删除区分公钥和私钥读取证书模式
author: fengweihao <[email protected]> 2018-12-13 10:12:24 +0800
committer: fengweihao <[email protected]> 2018-12-13 10:12:24 +0800
commit: f8f9c22a858a5524e44ebc2de25182ac8ad132b6 (patch)
tree: 8391044ede7e36e8a741d2fdc6774f8c9426d646
parent: 131dbeaaa144c9068522efbf7b8f36ec68900ae0 (diff)
10 files changed, 27 insertions, 156 deletions
diff --git a/ca/mesalab-ca-cert.cer b/ca/mesalab-ca-cert.cer
deleted file mode 100644
index d0d32af..0000000
--- a/ca/mesalab-ca-cert.cer
+++ /dev/null
@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDpTCCAo2gAwIBAgIGDdgTuLYiMA0GCSqGSIb3DQEBCwUAMCoxEzARBgNVBAMM
-Cm1lc2FsYWItY2ExEzARBgNVBAoMCm1lc2FsYWItY2EwHhcNMTgwMzI1MTY1MTM2
-WhcNMjEwMzI2MTY1MTM2WjAqMRMwEQYDVQQDDAptZXNhbGFiLWNhMRMwEQYDVQQK
-DAptZXNhbGFiLWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnLT
-pA+2Xef0VwKohbmr7ETuYcBm5YypXuANlEYApxhSdCvJZaGWznlDPL4EANTzM3g/
-3S3w8ms5p4B+uZnUE44EfmGl/UmmoL09k2/mj8/auOgdp0LTEOIpVzco8eIF2iGP
-G3jYwscDvOAjxv/k6l/YBohbG8oH+wCVz0bI1j97VxiBx5M/frrZtLqRTIedtOAB
-5S8VgtCa/rhik9aC8YA14UAnQSmVMsAZfuThSlCPb8h1ZnCfb1xJ7joHvbWh+L8O
-29oiWzBEN/uIw/qjiWQ1aVCES8kJk93+gpwG5qNbq8DGupJzTugWztzCZogMMotF
-L/QroMoFaPScBx6yewIDAQABo4HQMIHNMA8GA1UdEwEB/wQFMAMBAf8wEQYJYIZI
-AYb4QgEBBAQDAgIEMHgGA1UdJQRxMG8GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYB
-BQUHAwQGCCsGAQUFBwMIBgorBgEEAYI3AgEVBgorBgEEAYI3AgEWBgorBgEEAYI3
-CgMBBgorBgEEAYI3CgMDBgorBgEEAYI3CgMEBglghkgBhvhCBAEwDgYDVR0PAQH/
-BAQDAgEGMB0GA1UdDgQWBBSQJL1m7FTdhYC0Odubg/8ebnloLTANBgkqhkiG9w0B
-AQsFAAOCAQEAaVPocMiqwZK/0tROUz/W23DwGC+npZOyhAuGRze5YBV+zpVBhPv5
-8MeDkUr5jcoN8Papt5uq+6EHv+8fbVPTWBQRNuJD/WZ+CLkWTmDCyc+vbdXfsrRD
-i135Q+Q72oyEsLUbZMaYvNQ2tJ4Pb0Qjwcc5GSDXJJFhwqIPa9eYiZwRcg/cUvps
-ATgdZ5mZl1AfaINtXO1Y9Ic8PJcUotPSJ+YoG08dkAYrvo9Jc/n63ZOvnj0HVqBA
-JgWKjwoxNv1BiU2vEI6KBGO76hBidvcBHSnpvKSfiKwbMSp3Kai/+MHnVBfgp3yo
-WgeGkqyqiYEAZImAh/ps02XqtPWj9Sl2zQ==
------END CERTIFICATE-----
diff --git a/ca/mesalab-ca-cert.key b/ca/mesalab-ca-cert.key
deleted file mode 100644
index 9522943..0000000
--- a/ca/mesalab-ca-cert.key
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDCctOkD7Zd5/RX
-AqiFuavsRO5hwGbljKle4A2URgCnGFJ0K8lloZbOeUM8vgQA1PMzeD/dLfDyazmn
-gH65mdQTjgR+YaX9SaagvT2Tb+aPz9q46B2nQtMQ4ilXNyjx4gXaIY8beNjCxwO8
-4CPG/+TqX9gGiFsbygf7AJXPRsjWP3tXGIHHkz9+utm0upFMh5204AHlLxWC0Jr+
-uGKT1oLxgDXhQCdBKZUywBl+5OFKUI9vyHVmcJ9vXEnuOge9taH4vw7b2iJbMEQ3
-+4jD+qOJZDVpUIRLyQmT3f6CnAbmo1urwMa6knNO6BbO3MJmiAwyi0Uv9CugygVo
-9JwHHrJ7AgMBAAECggEAQ/ZSVpNPUD8UPZ0mPacJmgj1sKDI1g513D0/QcW90KlF
-mGj9eVIjHYNwprhbOdc0MZcj6zB1eKVVf1//6usDHtqSY4HJvF+Tp7a84N1JnpYt
-gldOlflbQBlsDZmv6+rt1LHKDPYN/PYGLmvA1Xr3DZv2K0JZZbsVUvt/YPUCmS72
-/Br1keFlvKeKdFRxFHznkLgE/5ZjtcxrwFc6pbp4LFyG1SzbQ655+XeXR/08Khi4
-Lsj2Xf9P7Yk8hgOVhx8+GRiR33Zoi5SiKvvnhXkR6QWzUvvnp6pqNbTDy2os9OFH
-nmlyMbTSbm9gk1JHw3xMbrPLtxx9T3tkZGhox33UoQKBgQDgLbK6vp9eZZQyF2is
-42YFYVgC2g3QDd+e34pN+1q581DkTJ75t3e/CosX1R6ApDnDmkfQDhLRlPmkCrH0
-Z+M7cjDzhPbDGcwgO/ag21osre6zWWJsDK6e64T1a3RmA4W13Nmyu+UCZSp/k0ng
-Te+jzdar8HZpeCu7FtxXrfdmIwKBgQDeDMmPueeF1WMa6KMJknA1CrwUgYlZ4nc8
-wYNjSYAq0b2k73M9OR4oxYEm843HrXpOIXFMpA38M7yMSBIVURMYtrd4TUvBwwVY
-/GBA94d1g91xKAMTiPRDRYpCvB1R56xLQ0ddXULAm2Xvt6QxrC+1/TZNzJOAn0z/
-JwNauVQLyQKBgQC5J+VT6jeU7s8M5Fq3WQYdcX4QtOrtqVfGT5lauT0BEp8AQOyZ
-EdiceGfTolmUJI/1J4sio00VvzbFL3Q1ikya/8DAkVSCZd87zGryBtoexvW9OhlZ
-ZswfRCVH0p2L2GLqh2NjBV+rr8T/I7bDxXslTtB8qJoUmIV9++63mF8bAwKBgQC+
-GKBuZS8qSlZ/8O2zAiUBo+EEhSk7RD/kSZ7b307UWZ9LlptHrKB/MyawXA3jBkcQ
-oFzIyiIW6YvfZMvmZ/Q7UiGb4kCa7wSi+9zDgaX8Gxn3B9QqYzMKbHxDSZyoQ/gi
-rsRnz7GYBvGr2cG9rLVjzhUxYZRdpwNZ5OJgRw0G0QKBgQC0nQiEHJ+c5PV2JcSB
-S5ux2yjbB0TcM7iOLvCy5tpd8w5paGsJHqNR93o/lB82A6nn7QO1vj6M3CU04SwC
-X74noxaiys0huVTMfJ3PrAm2AEE9jWlkI2X2F7s6sraSdcKKHlRQv+SI5X936nxF
-2W/lCSj77xdiebatxFUlJT7O7g==
------END PRIVATE KEY-----
-\ No newline at end of file
diff --git a/ca/mesalab-def-cert.cer b/ca/mesalab-def-cert.cer
deleted file mode 100644
index 504b169..0000000
--- a/ca/mesalab-def-cert.cer
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICVzCCAcACCQCJ9SZAOzkYozANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJD
-TjETMBEGA1UECAwKbXlwcm92aW5jZTEPMA0GA1UEBwwGbXljaXR5MRcwFQYDVQQK
-DA5teW9yZ2FuaXphdGlvbjEQMA4GA1UECwwHbXlncm91cDEQMA4GA1UEAwwHZGVm
-YXVsdDAeFw0xODA5MDcwNzE3NDlaFw0xOTA5MDcwNzE3NDlaMHAxCzAJBgNVBAYT
-AkNOMRMwEQYDVQQIDApteXByb3ZpbmNlMQ8wDQYDVQQHDAZteWNpdHkxFzAVBgNV
-BAoMDm15b3JnYW5pemF0aW9uMRAwDgYDVQQLDAdteWdyb3VwMRAwDgYDVQQDDAdk
-ZWZhdWx0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+ciLpiYlxCSqPnIQH
-J0rcJpb0m3JYfAfTdkZ1JG/BLXjfsHQQfHgT3pDSCwnEcV37XGH34gUPjcZCGfTP
-kDyR8sitT/UQziVVbeY9OaFvinFhAdVSmsTW3F8uzsbXXvhEptRbrpo3IfNZK+Rc
-dYHzXg1eIvlsx3k4E0+TaLqR1QIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAHtjn3yF
-84bNsot3XVexrwayhzVaG/HAWTuhA6QBKaU1SzOSBpeWcxosES7MdkrGzfvdsRBL
-OBxJMeTudJXtuQFU6VKfVgJWgMeMec+TgYTX5zGlrv0FTly3FjSoB9x7MFj6uweP
-p4L2k1gLRVZJ8eIb5FE17rjVXowVjMWXKa6M
------END CERTIFICATE-----
diff --git a/ca/mesalab-def-cert.key b/ca/mesalab-def-cert.key
deleted file mode 100644
index e3bab53..0000000
--- a/ca/mesalab-def-cert.key
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQC+ciLpiYlxCSqPnIQHJ0rcJpb0m3JYfAfTdkZ1JG/BLXjfsHQQ
-fHgT3pDSCwnEcV37XGH34gUPjcZCGfTPkDyR8sitT/UQziVVbeY9OaFvinFhAdVS
-msTW3F8uzsbXXvhEptRbrpo3IfNZK+RcdYHzXg1eIvlsx3k4E0+TaLqR1QIDAQAB
-AoGBAIMFwz8ogIZj6AQlii/huH79jZ171I9LxZaWKKMvDjO5NQ+wNimheHszBC99
-qJqd5CqqxDvmI9UvlNalROgIM6KFpVXcmqKJ6GCP3DaY4rLRPwNff1CVKARPNOPp
-Zy5/QiwVu42plw7EOqsd4xzyGny5o1NSQrRcsxecroBULa2BAkEA4RpLAnGOSRQ/
-ApPyt/9CIVH453LfCwa0U2EYVDq5f21bKged194c53Jp6R9VhGLGwpF/BuoTQkbA
-KM8fSyMQewJBANiWECsUrzCE8iAe1hsEZ56ep1bfLjjBcUGgl05VeWhxDDxwPhUH
-AHSXMful/NQZo65hFvKCgMS++wGKpSgM3e8CQDZcli7R463MYOcreZtr3rmTRUwH
-1suf496a/TgiMngOncyJqFngfxR58g/ljE57WErWvlmaH+qKkY+JbaJEpo8CQEmI
-GREnQpssZ6+0CGi/xBY8Mv/xYZXvRu5LAVOc/U0SJF9YlBs7d1IeCuAu6HlyAvov
-CEVpPSKO3FUXpx7Dz40CQGIDKpUn5iJcy56Sq235t5TS8McaBy0NUMo7VGSHmwcf
-J+GW2u8GK6l6iVyInnUwwhmXzVf8oij6rjoc12xvtzE=
------END RSA PRIVATE KEY-----
diff --git a/ca/mesalab-insec-cert.cer b/ca/mesalab-insec-cert.cer
deleted file mode 100644
index 67afe2f..0000000
--- a/ca/mesalab-insec-cert.cer
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDizCCAnOgAwIBAgIJAK8/bkwMJ0lJMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV
-BAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQg
-Q29tcGFueSBMdGQxGDAWBgNVBAMMD21lc2FsYWItdW50cnVzdDAeFw0xODEwMjMx
-MTI2MzNaFw0yODEwMjAxMTI2MzNaMFwxCzAJBgNVBAYTAlhYMRUwEwYDVQQHDAxE
-ZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQxGDAWBgNV
-BAMMD21lc2FsYWItdW50cnVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBANqgqDIsu2/lv+kU/HXP/AeCdBZiHKnLz3GP5D7ZRTmLJuTu3sqsabNjG0HB
-uqwIHNrxmN0upm+5AqaXVsCRoT7APW6DuGCNORWuUlS7GR4uMvYST6InGdMGE/4z
-40Wi4Z3aSikedWWzdNPA576LhH1UJ1M/hsaAnhFEa03WiHdzRVw2zyq1rCO3kIL6
-kzYXN06Tb+TU9DV9P7VY2vcUiBEIJX1Sy7NKRUpHRI73SAc6WIgUzMKaZhjajfEV
-9lAjPRS5pE4SFQ0sxSVrKG/GLfcwWyLkmVEsZFdOnFUgMI6WAXS93vvVSpl/ULET
-hmY+ghE2MQXcLPSAT7uw/x21/nMCAwEAAaNQME4wHQYDVR0OBBYEFCNbrgeYEDsO
-uDZMtqpC3vUe6qnvMB8GA1UdIwQYMBaAFCNbrgeYEDsOuDZMtqpC3vUe6qnvMAwG
-A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAKvFa44WkG8dFlCv1N+ZGCz1
-/sJ89/02OpZICHGTmp7q8HFbRCmUAV6oYS2wae5fyueOZwbLBhxWKJ8KSXHmgqzS
-Kox4uvNImJUbNbJ+6/Wxbb8Brf7Ev3DAZmVmsEpHcrM3k2Ww0YfU0HqrovUw32kk
-TPiFsoKJz1G0FH2fNSnWRMnOPDj1wm4Kx/225da4c78HSTEySDpkTkiJM5LoN+tp
-JGg6I9OUbbw7sANiN3IJYV5T7jkBDPpmzirN1+dXruDG8Xyob6I5dPiS3iqwAqQL
-RiueQbuSa0F3/koUbZOs4jIiWGObVK+w1WS9/+ESxMGC5bMwIMo1jkyexj5MBQE=
------END CERTIFICATE-----
diff --git a/ca/mesalab-insec-cert.key b/ca/mesalab-insec-cert.key
deleted file mode 100644
index faae6de..0000000
--- a/ca/mesalab-insec-cert.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEoQIBAAKCAQEA2qCoMiy7b+W/6RT8dc/8B4J0FmIcqcvPcY/kPtlFOYsm5O7e
-yqxps2MbQcG6rAgc2vGY3S6mb7kCppdWwJGhPsA9boO4YI05Fa5SVLsZHi4y9hJP
-oicZ0wYT/jPjRaLhndpKKR51ZbN008DnvouEfVQnUz+GxoCeEURrTdaId3NFXDbP
-KrWsI7eQgvqTNhc3TpNv5NT0NX0/tVja9xSIEQglfVLLs0pFSkdEjvdIBzpYiBTM
-wppmGNqN8RX2UCM9FLmkThIVDSzFJWsob8Yt9zBbIuSZUSxkV06cVSAwjpYBdL3e
-+9VKmX9QsROGZj6CETYxBdws9IBPu7D/HbX+cwIDAQABAoIBAHjGP6RYKcOK/BVa
-zoyWtPfBDThAQu1Z9eMaRlCh3igHwxi9DL6RuGKs4SXWS7U1VhttU7D8UF1vqxM0
-j2waByWPNWCTy4sq+NoNTtYX9axCgUyGmQ9O4mk89lZ7e5XAgTqemFFWziu8k1FX
-Q65zjGFf18mZUm7eJnQLg+ugFAtH0Si0iCcwSdou4Lnq5xxQ3FMqi+2DDOZ41mbN
-cOdms76PVWvxj+2/zIDxsQUCuGzdUbcQR8CXOQpZ4NQ/XKWytQIToaX/9YK7Ie9b
-BkO4Gis7pyaH0usRSaAA1KB5LQWAjhm5wg1E0OoP2fi/L4Xc7aNLN5pe71+zPzKU
-mCYbUqECgYEA7oJ8+OzYAL2YwvJDfLlAI1Raor75umjwe85hJ80LeAh+LVnfWbnX
-xcZf31lSpi+ZBkKBhO7lYFfrDKGSF9KX1/wVVBC/koozeqCSLS8P5Vv7MNYsODeV
-bXlhLm0qKfxBXQVaSCpUIFyaguDaeaviwZ/doIPIdrwoSkcB43yN9acCgYEA6qjs
-fN2cm8v+ps9zvGh5ytWaE7dp9Xtj6q6u5gNfrL87n02SwbZb8I/TBFExlyAjcEdQ
-mEoOKaKYJCClmxTtCn8cYbUmpP/QyJBaOoiJfxYW6aBrmxcgpZGvK+Gyjq8yl0uN
-0agFCeOCqFxkGKgOK/pDeOhrYWCS3DReBrVa4lUCgYEAyPHZNqPcrGsQfBY+M6Oj
-3OAh6IG7xojJK5XKFw1Sv1NwcucIHQFNQEyM05De6DKr2zFHC+d2C0CnQKITgsyj
-r42rroLZ1C1ph8Qmw7ilzNg8/n1DDi4OUAh2jvXcEzl7HFL5KFm5PPaoGuI0T1Q4
-nGcDA0xkJV0LGOFQPwfeVnsCfz1p+Hq1hUdBHGSL5r5omXd8b9a5KgIVSREipqOM
-Pn33jqMiqkYIdAeBnLiEh3YF80BvaahxuUMsSqUp5i2wTFly6vqnbnXAfeP/451u
-Ho4kOdrrIT51zxWGC1Jwv0qYj6UJIRS95JOx94AYrhnF4e+gkAgUzAWwQL9g9TrM
-O/0CgYB2CnxEsqBlVFiL5+cnUAjax1Z7aQmf+k1iis4VQoBmN050uFHbkkMO4QDn
-PF2KIrIrgUBYTvLdcn8mjKYkPcCQvTMT5aGEhyfPUYLZ/KU1ctHKb/ZnEBl+Ql7H
-GdK4sVa4K7REJEj1fZCLThVol6HHhjItSks7qJ3y8SMPK5pDzg==
------END RSA PRIVATE KEY-----
diff --git a/src/cert_conf.c b/src/cert_conf.c
index 5d7835c..cbf2171 100644
--- a/src/cert_conf.c
+++ b/src/cert_conf.c
@@ -21,7 +21,8 @@
 struct config_bucket_t certConfig = {
     .thread_nu = 1,
     .expire_after = 30,
-    .def_path  = "/home/test",
+    .ca_path  = "./cert/mesalab-ca.pem",
+    .uninsec_path = "./cert/mesalab-ca-untrust.pem",
     .addr_t = {9995, 6379, "0.0.0.0", 0, 6379, "0.0.0.0"},
     .keyring = {0, 0, NULL, NULL},
 };
@@ -47,11 +48,19 @@ static int load_system_config(char *config)
         mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Reading the number of valid time failed");
     }
 
-    xret = MESA_load_profile_string_nodef(config, "CONFIG", "def-ca-path", rte->def_path, 128);
-    if (xret < 0 && !rt_dir_exsit(rte->def_path)){
-        mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Read the def path failed or the (%s) does not exist",
-                         rte->def_path);
+    xret = MESA_load_profile_string_nodef(config, "CONFIG", "ca_path", rte->ca_path, 128);
+    if (xret <0 && rt_file_exsit(rte->ca_path)){
+        mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Read the ca path failed or the (%s) does not exist",
+                         rte->ca_path);
         goto finish;
+
+    }
+    xret = MESA_load_profile_string_nodef(config, "CONFIG", "untrusted_ca_path", rte->uninsec_path, 128);
+    if (xret <0 && rt_file_exsit(rte->uninsec_path)){
+        mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Read the untrusted ca path failed or the (%s) does not exist",
+                             rte->ca_path);
+        goto finish;
+
     }
 finish:
     return xret;
diff --git a/src/cert_conf.h b/src/cert_conf.h
index f7e16c8..7da297c 100644
--- a/src/cert_conf.h
+++ b/src/cert_conf.h
@@ -72,7 +72,8 @@ struct ntc_maat_t{
 struct config_bucket_t{
     unsigned int thread_nu;
 	unsigned int expire_after;
-    char def_path[128];
+    char ca_path[128];
+    char uninsec_path[128];
     struct ntc_maat_t maat_t;
     struct _initer_addr_t addr_t;
     struct key_ring_list keyring;
diff --git a/src/cert_session.c b/src/cert_session.c
index 9262754..77a3474 100644
--- a/src/cert_session.c
+++ b/src/cert_session.c
@@ -55,9 +55,6 @@
 #define LOCAL_USER_DER     2
 #define LOCAL_USER_P12     3
 
-#define DEFAULT_PRIVATEKEY_NAME  "mesalab-ca-cert.key"
-#define DEFAULT_CA_CERTIFICATE   "mesalab-ca-cert.cer"
-
 #define MESALAB_INSEC_CERT       "mesalab-insec-cert.cer"
 #define MESALAB_INSEC_KEY        "mesalab-insec-cert.key"
 
@@ -1293,8 +1290,7 @@ finish:
     return 0;
 }
 
-int x509_privatekey_init(char *private_file, char *public_file,
-                         EVP_PKEY **key, X509 **root)
+int x509_privatekey_init(char *ca_file, EVP_PKEY **key, X509 **root)
 {
     int xret = -1;
 	FILE *fp; RSA *rsa = NULL;
@@ -1309,9 +1305,9 @@ int x509_privatekey_init(char *private_file, char *public_file,
         goto pkey_free;
     }
 
-    fp = fopen(private_file, "r");
+    fp = fopen(ca_file, "r");
     if (NULL == fp){
-        mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to open file(%s)", private_file);
+        mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to open file(%s)", ca_file);
         RSA_free(rsa);
         goto pkey_free;
     }
@@ -1323,9 +1319,9 @@ int x509_privatekey_init(char *private_file, char *public_file,
     fclose(fp);
 
     BIO *in;
-    in = BIO_new_file(public_file, "r");
+    in = BIO_new_file(ca_file, "r");
     if (!in){
-        mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to open file(%s)", public_file);
+        mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to open file(%s)", ca_file);
         goto pkey_free;
     }
 
@@ -1590,7 +1586,7 @@ static int
 task_private_init(struct event_base *base, libevent_thread *info)
 {
     int xret = -1;
-    char key_path[256] = {0}, cert_path[256] = {0};
+    struct config_bucket_t *config = cert_default_config();
 
     /* Initialize the redis connection*/
     xret = redis_rsync_init(base, &info->cl_ctx);
@@ -1604,22 +1600,14 @@ task_private_init(struct event_base *base, libevent_thread *info)
     }
 
     /* Initialize the X509 CA*/
-    snprintf(key_path, sizeof(key_path), "%s/%s",   cert_default_config()->def_path, DEFAULT_PRIVATEKEY_NAME);
-    snprintf(cert_path, sizeof(cert_path), "%s/%s", cert_default_config()->def_path, DEFAULT_CA_CERTIFICATE);
-
-    xret = x509_privatekey_init(key_path, cert_path, &info->def.key, &info->def.root);
+    xret = x509_privatekey_init(config->ca_path, &info->def.key, &info->def.root);
     if (xret < 0 || !(info->def.key) || !(info->def.root)){
         mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to initialize the x509 certificate");
         goto finish;
     }
 
     /* Initialize the insec CA*/
-    memset(key_path, 0, 256);
-    memset(cert_path, 0, 256);
-    snprintf(key_path, sizeof(key_path), "%s/%s",   cert_default_config()->def_path, MESALAB_INSEC_KEY);
-    snprintf(cert_path, sizeof(cert_path), "%s/%s", cert_default_config()->def_path, MESALAB_INSEC_CERT);
-
-    xret = x509_privatekey_init(key_path, cert_path, &info->def.insec_key, &info->def.insec_root);
+    xret = x509_privatekey_init(config->uninsec_path, &info->def.insec_key, &info->def.insec_root);
     if (xret < 0 || !(info->def.key) || !(info->def.root)){
         mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to initialize the insec x509 certificate");
         goto finish;
@@ -1740,7 +1728,7 @@ redis_link_detection(uint32_t __attribute__((__unused__)) uid,
         if(info->cl_ctx->err != 0){
             if (info->sync)
                 redisFree(info->sync);
-            
+
             xret = redis_sync_init(&info->sync);
             if (xret < 0 || !info->sync){
                 mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "[%d]trying to connect sync redis failed", tid);
diff --git a/src/cert_store.c b/src/cert_store.c
index c97b756..e4dd4aa 100644
--- a/src/cert_store.c
+++ b/src/cert_store.c
@@ -93,7 +93,8 @@ void cert_preview ()
     printf("%30s:%45d\n", "Maat Redis Port", rte->addr_t.maat_port);
     printf("%30s:%45d\n", "Maat Redis index", rte->addr_t.dbindex);
     printf("%30s:%45d\n", "Libevent Port", rte->addr_t.e_port);
-    printf("%30s:%45s\n", "Def Cert Path", rte->def_path);
+    printf("%30s:%45s\n", "Cert Path", rte->ca_path);
+    printf("%30s:%45s\n", "Uninsec cert Path", rte->uninsec_path);
     printf("%30s:%45s\n", "Log Directory", logging_sc_lid.run_log_path);
     printf("%30s:%45s\n", "Table Info", rte->maat_t.info_path);
     if (rte->maat_t.maat_json_switch == 1){
author	fengweihao <[email protected]>	2018-12-13 10:12:24 +0800
committer	fengweihao <[email protected]>	2018-12-13 10:12:24 +0800
commit	f8f9c22a858a5524e44ebc2de25182ac8ad132b6 (patch)
tree	8391044ede7e36e8a741d2fdc6774f8c9426d646
parent	131dbeaaa144c9068522efbf7b8f36ec68900ae0 (diff)