* You should have received a copy of the GNU General Public License along with
* this program. If not, see <https://www.gnu.org/licenses/>.
*/
-
-#include "config.h"
-
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
+#include "build-config.h"
+
+#include "cleankey.h"
#include "ll.h"
#include "log.h"
#include "onak-conf.h"
+#ifdef DBINIT
extern struct onak_dbctx *DBINIT(struct onak_db_config *dbcfg, bool readonly);
+#endif
/*
* config - Runtime configuration for onak.
.backends = NULL,
.backends_dir = NULL,
+#ifdef DBINIT
.dbinit = DBINIT,
+#else
+ .dbinit = NULL,
+#endif
- .check_sighash = true,
+ .clean_policies = ONAK_CLEAN_DROP_V3_KEYS | ONAK_CLEAN_CHECK_SIGHASH,
.bin_dir = NULL,
.mail_dir = NULL,
} else if (!strncmp("sock_dir ", line, 9)) {
config.sock_dir = strdup(&line[9]);
} else if (!strncmp("check_sighash ", line, 9)) {
- config.check_sighash = parsebool(&line[9],
- config.check_sighash);
+ if (parsebool(&line[9], config.clean_policies &
+ ONAK_CLEAN_CHECK_SIGHASH)) {
+ config.clean_policies |=
+ ONAK_CLEAN_CHECK_SIGHASH;
+ } else {
+ config.clean_policies &=
+ ~ONAK_CLEAN_CHECK_SIGHASH;
+ }
} else {
return false;
}
config.syncsites = lladd(config.syncsites,
strdup(value));
/* [verification] section */
+ } else if (MATCH("verification", "blacklist")) {
+ array_load(&config.blacklist, value);
+ } else if (MATCH("verification", "drop_v3")) {
+ if (parsebool(value, config.clean_policies &
+ ONAK_CLEAN_DROP_V3_KEYS)) {
+ config.clean_policies |=
+ ONAK_CLEAN_DROP_V3_KEYS;
+ } else {
+ config.clean_policies &=
+ ~ONAK_CLEAN_DROP_V3_KEYS;
+ }
} else if (MATCH("verification", "check_sighash")) {
- config.check_sighash = parsebool(value,
- config.check_sighash);
+ if (parsebool(value, config.clean_policies &
+ ONAK_CLEAN_CHECK_SIGHASH)) {
+ config.clean_policies |=
+ ONAK_CLEAN_CHECK_SIGHASH;
+ } else {
+ config.clean_policies &=
+ ~ONAK_CLEAN_CHECK_SIGHASH;
+ }
+ } else if (MATCH("verification", "check_packet_size")) {
+ if (parsebool(value, config.clean_policies &
+ ONAK_CLEAN_LARGE_PACKETS)) {
+ config.clean_policies |=
+ ONAK_CLEAN_LARGE_PACKETS;
+ } else {
+ config.clean_policies &=
+ ~ONAK_CLEAN_LARGE_PACKETS;
+ }
+ } else if (MATCH("verification", "require_other_sig")) {
+#if HAVE_CRYPTO
+ if (parsebool(value, config.clean_policies &
+ ONAK_CLEAN_NEED_OTHER_SIG)) {
+ config.clean_policies |=
+ ONAK_CLEAN_NEED_OTHER_SIG;
+ } else {
+ config.clean_policies &=
+ ~ONAK_CLEAN_NEED_OTHER_SIG;
+ }
+#else
+ logthing(LOGTHING_ERROR,
+ "Compiled without crypto support, "
+ "require_other_sig not available.");
+#endif
+ } else if (MATCH("verification", "update_only")) {
+ if (parsebool(value, config.clean_policies &
+ ONAK_CLEAN_UPDATE_ONLY)) {
+ config.clean_policies |=
+ ONAK_CLEAN_UPDATE_ONLY;
+ } else {
+ config.clean_policies &=
+ ~ONAK_CLEAN_UPDATE_ONLY;
+ }
+ } else if (MATCH("verification", "verify_signatures")) {
+#if HAVE_CRYPTO
+ if (parsebool(value, config.clean_policies &
+ ONAK_CLEAN_VERIFY_SIGNATURES)) {
+ config.clean_policies |=
+ ONAK_CLEAN_VERIFY_SIGNATURES;
+ } else {
+ config.clean_policies &=
+ ~ONAK_CLEAN_VERIFY_SIGNATURES;
+ }
+#else
+ logthing(LOGTHING_ERROR,
+ "Compiled without crypto support, "
+ "verify_signatures not available.");
+#endif
} else {
return false;
}
conffile = fopen(configfile, "r");
}
+ if (oldstyle) {
+ logthing(LOGTHING_CRITICAL, "Reading deprecated old-style "
+ "configuration file. This will not be "
+ "supported in the next release.");
+ }
+
if (conffile != NULL) {
if (!fgets(curline, 1023, conffile)) {
logthing(LOGTHING_CRITICAL,
fprintf(conffile, "\n");
fprintf(conffile, "[verification]\n");
- WRITE_BOOL(config.check_sighash, "check_sighash");
+ WRITE_BOOL(config.clean_policies & ONAK_CLEAN_CHECK_SIGHASH,
+ "check_sighash");
fprintf(conffile, "\n");
fprintf(conffile, "[mail]\n");
free(config.mail_dir);
config.mail_dir = NULL;
}
+ if (config.blacklist.count != 0) {
+ array_free(&config.blacklist);
+ }
}
projects / onak.git / blobdiff