diff options
| -rw-r--r-- | usr.sbin/acme-client/http.c | 4 | ||||
| -rw-r--r-- | usr.sbin/acme-client/http.h | 3 | ||||
| -rw-r--r-- | usr.sbin/acme-client/netproc.c | 5 |
3 files changed, 6 insertions, 6 deletions
diff --git a/usr.sbin/acme-client/http.c b/usr.sbin/acme-client/http.c index 423c5e03311..13516fced89 100644 --- a/usr.sbin/acme-client/http.c +++ b/usr.sbin/acme-client/http.c @@ -1,4 +1,4 @@ -/* $Id: http.c,v 1.22 2018/08/08 17:47:44 deraadt Exp $ */ +/* $Id: http.c,v 1.23 2018/11/06 20:40:49 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -135,7 +135,7 @@ http_init() goto err; } - if (tls_config_set_ca_file(tlscfg, DEFAULT_CA_FILE) == -1) { + if (tls_config_set_ca_file(tlscfg, TLS_CA_CERT_FILE) == -1) { warn("tls_config_set_ca_file: %s", tls_config_error(tlscfg)); goto err; } diff --git a/usr.sbin/acme-client/http.h b/usr.sbin/acme-client/http.h index df1a601c288..aebfb73edda 100644 --- a/usr.sbin/acme-client/http.h +++ b/usr.sbin/acme-client/http.h @@ -1,4 +1,4 @@ -/* $Id: http.h,v 1.6 2018/08/08 17:47:44 deraadt Exp $ */ +/* $Id: http.h,v 1.7 2018/11/06 20:40:49 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -61,7 +61,6 @@ struct httpget { size_t bodypartsz; /* size of bodypart */ }; -#define DEFAULT_CA_FILE "/etc/ssl/cert.pem" int http_init(void); /* Convenience functions. */ diff --git a/usr.sbin/acme-client/netproc.c b/usr.sbin/acme-client/netproc.c index a0f1afab915..472c86aface 100644 --- a/usr.sbin/acme-client/netproc.c +++ b/usr.sbin/acme-client/netproc.c @@ -1,4 +1,4 @@ -/* $Id: netproc.c,v 1.17 2018/08/08 17:47:44 deraadt Exp $ */ +/* $Id: netproc.c,v 1.18 2018/11/06 20:40:49 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -22,6 +22,7 @@ #include <stdlib.h> #include <string.h> #include <unistd.h> +#include <tls.h> #include "http.h" #include "extern.h" @@ -612,7 +613,7 @@ netproc(int kfd, int afd, int Cfd, int cfd, int dfd, int rfd, memset(&paths, 0, sizeof(struct capaths)); memset(&c, 0, sizeof(struct conn)); - if (unveil(DEFAULT_CA_FILE, "r") == -1) { + if (unveil(TLS_CA_CERT_FILE, "r") == -1) { warn("unveil"); goto out; } |