|
|
@ -497,6 +497,17 @@ main(int argc, char *argv[])
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* prevent multiple instances running */
|
|
|
|
|
|
|
|
if (opts->pidfile) {
|
|
|
|
|
|
|
|
pidfd = sys_pidf_open(opts->pidfile);
|
|
|
|
|
|
|
|
if (pidfd == -1) {
|
|
|
|
|
|
|
|
fprintf(stderr, "%s: cannot open PID file '%s' "
|
|
|
|
|
|
|
|
"- process already running?\n",
|
|
|
|
|
|
|
|
argv0, opts->pidfile);
|
|
|
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* dynamic defaults */
|
|
|
|
/* dynamic defaults */
|
|
|
|
if (!opts->ciphers) {
|
|
|
|
if (!opts->ciphers) {
|
|
|
|
opts->ciphers = strdup("ALL:-aNULL");
|
|
|
|
opts->ciphers = strdup("ALL:-aNULL");
|
|
|
@ -512,6 +523,18 @@ main(int argc, char *argv[])
|
|
|
|
!opts->contentlogdir) {
|
|
|
|
!opts->contentlogdir) {
|
|
|
|
opts->dropuser = strdup("nobody");
|
|
|
|
opts->dropuser = strdup("nobody");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (opts_has_ssl_spec(opts) && !opts->key) {
|
|
|
|
|
|
|
|
opts->key = ssl_key_genrsa(1024);
|
|
|
|
|
|
|
|
if (!opts->key) {
|
|
|
|
|
|
|
|
fprintf(stderr, "%s: error generating RSA key:\n",
|
|
|
|
|
|
|
|
argv0);
|
|
|
|
|
|
|
|
ERR_print_errors_fp(stderr);
|
|
|
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
if (OPTS_DEBUG(opts)) {
|
|
|
|
|
|
|
|
log_dbg_printf("Generated RSA key for leaf certs.\n");
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* debugging */
|
|
|
|
/* debugging */
|
|
|
|
if (OPTS_DEBUG(opts)) {
|
|
|
|
if (OPTS_DEBUG(opts)) {
|
|
|
@ -540,28 +563,6 @@ main(int argc, char *argv[])
|
|
|
|
if (cbuf)
|
|
|
|
if (cbuf)
|
|
|
|
free(cbuf);
|
|
|
|
free(cbuf);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* prevent multiple instances running */
|
|
|
|
|
|
|
|
if (opts->pidfile) {
|
|
|
|
|
|
|
|
pidfd = sys_pidf_open(opts->pidfile);
|
|
|
|
|
|
|
|
if (pidfd == -1) {
|
|
|
|
|
|
|
|
fprintf(stderr, "%s: cannot open PID file '%s' "
|
|
|
|
|
|
|
|
"- process already running?\n",
|
|
|
|
|
|
|
|
argv0, opts->pidfile);
|
|
|
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
|
|
|
* Initialize as much as possible before daemon() in order to be
|
|
|
|
|
|
|
|
* able to provide direct feedback to the user when failing.
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
if (cachemgr_init() == -1) {
|
|
|
|
|
|
|
|
fprintf(stderr, "%s: failed to init cachemgr.\n", argv0);
|
|
|
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
if (OPTS_DEBUG(opts)) {
|
|
|
|
|
|
|
|
if (opts->cacrt) {
|
|
|
|
if (opts->cacrt) {
|
|
|
|
char *subj = ssl_x509_subject(opts->cacrt);
|
|
|
|
char *subj = ssl_x509_subject(opts->cacrt);
|
|
|
|
log_dbg_printf("Loaded CA: '%s'\n", subj);
|
|
|
|
log_dbg_printf("Loaded CA: '%s'\n", subj);
|
|
|
@ -574,17 +575,14 @@ main(int argc, char *argv[])
|
|
|
|
log_dbg_printf("No CA loaded.\n");
|
|
|
|
log_dbg_printf("No CA loaded.\n");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (opts_has_ssl_spec(opts) && !opts->key) {
|
|
|
|
|
|
|
|
opts->key = ssl_key_genrsa(1024);
|
|
|
|
/*
|
|
|
|
if (!opts->key) {
|
|
|
|
* Initialize as much as possible before daemon() in order to be
|
|
|
|
fprintf(stderr, "%s: error generating RSA key:\n",
|
|
|
|
* able to provide direct feedback to the user when failing.
|
|
|
|
argv0);
|
|
|
|
*/
|
|
|
|
ERR_print_errors_fp(stderr);
|
|
|
|
if (cachemgr_init() == -1) {
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
fprintf(stderr, "%s: failed to init cachemgr.\n", argv0);
|
|
|
|
}
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
if (OPTS_DEBUG(opts)) {
|
|
|
|
|
|
|
|
log_dbg_printf("Generated RSA key for leaf certs.\n");
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (opts->tgcrtdir) {
|
|
|
|
if (opts->tgcrtdir) {
|
|
|
|
const void *arg[2];
|
|
|
|
const void *arg[2];
|
|
|
|