Added option server_ssl to indicate whether server is SSL enabled.

[cascardo/rnetproxy.git] / popproxy.c

diff --git a/popproxy.c b/popproxy.c
index f54c77c..f5f88bd 100644 (file)
--- a/popproxy.c
+++ b/popproxy.c
@@ -38,10 +38,11 @@ struct pop_address
 {
   char *server;
   char *port;
+  int ssl;
 };
 
 static HCConn *
-server_conn_new (char *server, char *port)
+server_conn_new (char *server, char *port, int ssl)
 {
   int fd;
   HCConn *conn;
@@ -54,15 +55,16 @@ server_conn_new (char *server, char *port)
       return NULL;
     }
   conn = hc_conn_new (NULL, NULL);
-  ssl_conn = hc_conn_new (NULL, NULL);
   r = hc_conn_set_driver_channel (conn, fd);
   if (r != 0)
     {
-      hc_conn_close (ssl_conn);
       hc_conn_close (conn);
       close (fd);
       return NULL;
     }
+  if (!ssl)
+    return conn;
+  ssl_conn = hc_conn_new (NULL, NULL);
   r = hc_conn_set_driver_ssl_client (ssl_conn, conn);
   if (r != 0)
     {
@@ -141,7 +143,8 @@ new_client (int fd, struct sockaddr *addr, socklen_t saddr, gpointer data)
   g_message ("Received connection from %s.",
              inet_ntoa (((struct sockaddr_in *) addr)->sin_addr));
 
-  server_conn = server_conn_new (address->server, address->port);
+  server_conn = server_conn_new (address->server, address->port,
+                                 address->ssl);
   if (server_conn == NULL)
     {
       return;
@@ -181,6 +184,9 @@ int main (int argc, char **argv)
   gchar *port;
   gchar *server_address;
   gchar *server_port;
+  int server_ssl;
+  gchar *certfile;
+  gchar *ssl_keyfile;
   struct pop_address pop_address;
 
   gnutls_global_init ();
@@ -211,6 +217,26 @@ int main (int argc, char **argv)
       exit (1);
     }
 
+  error = NULL;
+  certfile = g_key_file_get_string (keyfile, "global", "certfile",
+                                    &error);
+  if (certfile == NULL && error != NULL)
+    {
+      g_critical ("No certification file specified: %s.",
+                  error->message);
+      g_error_free (error);
+      exit (1);
+    }
+  error = NULL;
+  ssl_keyfile = g_key_file_get_string (keyfile, "global", "keyfile",
+                                       &error);
+  if (ssl_keyfile == NULL && error != NULL)
+    {
+      ssl_keyfile = g_strdup (certfile);
+      g_error_free (error);
+    }
+
+
   error = NULL;
   conf_address = g_key_file_get_string (keyfile, "global", "address",
                                         &error);
@@ -242,9 +268,19 @@ int main (int argc, char **argv)
       server_port = g_strdup ("995");
       g_error_free (error);
     }
+  error = NULL;
+  server_ssl = g_key_file_get_boolean (keyfile, "global", "server_ssl",
+                                       &error);
+  if (server_ssl == 0 && error != NULL)
+    {
+      server_ssl = 0;
+      g_error_free (error);
+    }
+
 
   pop_address.server = server_address;
   pop_address.port = server_port;
+  pop_address.ssl = server_ssl;
 
   server_fd = hc_tcp_server (port);
   if (server_fd < 0)
@@ -264,7 +300,10 @@ int main (int argc, char **argv)
   g_free (conf_address);
   g_free (port);
 
-  hc_conn_ssl_server_init_credentials ("cert.pem", "key.pem");
+  hc_conn_ssl_server_init_credentials (certfile, ssl_keyfile);
+
+  g_free (certfile);
+  g_free (ssl_keyfile);
 
   g_main_loop_run (g_main_loop_new (g_main_context_default (), TRUE));