Diffstat (limited to 'src/swanctl/commands/load_conns.c')
-rw-r--r--src/swanctl/commands/load_conns.c67
1 files changed, 39 insertions, 28 deletions
diff --git a/src/swanctl/commands/load_conns.c b/src/swanctl/commands/load_conns.c
index 2e443a94a..0518ef54f 100644
--- a/src/swanctl/commands/load_conns.c
+++ b/src/swanctl/commands/load_conns.c
@@ -38,6 +38,7 @@ static bool is_list_key(char *key)
"vips",
"pools",
"groups",
+ "cert_policy",
};
int i;
@@ -97,7 +98,7 @@ static void add_list_key(vici_req_t *req, char *key, char *value)
static bool add_file_list_key(vici_req_t *req, char *key, char *value)
{
enumerator_t *enumerator;
- chunk_t *map;
+ chunk_t *map, blob;
char *token, buf[PATH_MAX];
bool ret = TRUE;
@@ -105,41 +106,51 @@ static bool add_file_list_key(vici_req_t *req, char *key, char *value)
enumerator = enumerator_create_token(value, ",", " ");
while (enumerator->enumerate(enumerator, &token))
{
- if (!path_absolute(token))
+ if (strcasepfx(token, "0x") || strcasepfx(token, "0s"))
{
- if (streq(key, "certs"))
+ blob = chunk_from_str(token + 2);
+ blob = strcasepfx(token, "0x") ? chunk_from_hex(blob, NULL)
+ : chunk_from_base64(blob, NULL);
+ vici_add_list_item(req, blob.ptr, blob.len);
+ chunk_free(&blob);
+ }
+ else
+ {
+ if (!path_absolute(token))
{
- snprintf(buf, sizeof(buf), "%s%s%s",
- SWANCTL_X509DIR, DIRECTORY_SEPARATOR, token);
- token = buf;
+ if (streq(key, "certs"))
+ {
+ snprintf(buf, sizeof(buf), "%s%s%s",
+ SWANCTL_X509DIR, DIRECTORY_SEPARATOR, token);
+ token = buf;
+ }
+ else if (streq(key, "cacerts"))
+ {
+ snprintf(buf, sizeof(buf), "%s%s%s",
+ SWANCTL_X509CADIR, DIRECTORY_SEPARATOR, token);
+ token = buf;
+ }
+ else if (streq(key, "pubkeys"))
+ {
+ snprintf(buf, sizeof(buf), "%s%s%s",
+ SWANCTL_PUBKEYDIR, DIRECTORY_SEPARATOR, token);
+ token = buf;
+ }
}
- else if (streq(key, "cacerts"))
+ map = chunk_map(token, FALSE);
+ if (map)
{
- snprintf(buf, sizeof(buf), "%s%s%s",
- SWANCTL_X509CADIR, DIRECTORY_SEPARATOR, token);
- token = buf;
+ vici_add_list_item(req, map->ptr, map->len);
+ chunk_unmap(map);
}
- else if (streq(key, "pubkeys"))
+ else
{
- snprintf(buf, sizeof(buf), "%s%s%s",
- SWANCTL_PUBKEYDIR, DIRECTORY_SEPARATOR, token);
- token = buf;
+ fprintf(stderr, "loading %s certificate '%s' failed: %s\n",
+ key, token, strerror(errno));
+ ret = FALSE;
+ break;
}
}
-
- map = chunk_map(token, FALSE);
- if (map)
- {
- vici_add_list_item(req, map->ptr, map->len);
- chunk_unmap(map);
- }
- else
- {
- fprintf(stderr, "loading %s certificate '%s' failed: %s\n",
- key, token, strerror(errno));
- ret = FALSE;
- break;
- }
}
enumerator->destroy(enumerator);
vici_end_list(req);
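Review bot: The new inline branch for `0x`/`0s` tokens has no failure path: whatever `chunk_from_hex()` or `chunk_from_base64()` returns goes straight to `vici_add_list_item()`, while the file branch below prints an error, sets `ret = FALSE` and breaks. A mistyped or truncated inline certificate or public key would therefore be handed to the daemon as whatever bytes the decoder produced, and this function would still report success. At minimum an empty decode result should be rejected as sketched below; catching invalid characters would need a check of the token before decoding, since the decoders' error behaviour is not visible in this hunk. A relative file name that happens to begin with `0x` or `0s` is now read as inline data instead of a path, which is worth a comment above the prefix test, for example `/* 0x/0s prefixes select inline hex/base64 data, such names can't be used for files */`. The function continues past the end of the hunk.

```c
/* … unchanged: prefix test and hex/base64 decode into blob … */
if (!blob.len)
{	/* nothing decoded: fail like an unreadable file would */
	fprintf(stderr, "decoding inline %s value failed\n", key);
	chunk_free(&blob);
	ret = FALSE;
	break;
}
vici_add_list_item(req, blob.ptr, blob.len);
```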