afserver: support per-realm CA-certificate settings

This makes it possible to have different CA certificates for different realms, or certificate auth for only some realms and password auth for others.
author: Joshua Judson Rosen 2014-11-18 23:16:55 -0500
committer: Joshua Judson Rosen 2014-11-18 23:16:55 -0500
commit: fe9bda8d2aad33e0f71d5699bcf90fb78b3fb5bb (patch)
tree: 6439c3dcc6e78255a9dd2d65e75f4b21f885c264 /src/file_server.c
parent: Add missing const qualifier on SSL_METHOD* vars. (diff)
download: apf-fe9bda8d2aad33e0f71d5699bcf90fb78b3fb5bb.tar.gz
1 files changed, 6 insertions, 2 deletions
diff --git a/src/file_server.c b/src/file_server.c
index 3abfc57..35ed235 100644
--- a/src/file_server.c
+++ b/src/file_server.c
@@ -270,10 +270,14 @@ parsefile(char* name, int* status)
         ServerConfiguration_set_certificateFile(cfg, helpbuf2);
       }
       else if (strcmp(helpbuf1, "cacerfile") == 0) {
-        ServerConfiguration_set_cacertificateFile(cfg, helpbuf2);
+        ServerRealm_set_cacertificateFile(
+            ServerConfiguration_get_realmsTable(cfg)[ServerConfiguration_get_realmsNumber(cfg) - 1],
+            helpbuf2);
       }
       else if (strcmp(helpbuf1, "cerdepth") == 0) {
-        ServerConfiguration_set_sCertificateDepth(cfg, helpbuf2);
+        ServerRealm_set_sCertificateDepth(
+            ServerConfiguration_get_realmsTable(cfg)[ServerConfiguration_get_realmsNumber(cfg) - 1],
+            helpbuf2);
       }
       else if ((strcmp(helpbuf1, "key") == 0) || (strcmp(helpbuf1, "keyfile") == 0)) {
         ServerConfiguration_set_keysFile(cfg, helpbuf2);
author	Joshua Judson Rosen	2014-11-18 23:16:55 -0500
committer	Joshua Judson Rosen	2014-11-18 23:16:55 -0500
commit	fe9bda8d2aad33e0f71d5699bcf90fb78b3fb5bb (patch)
tree	6439c3dcc6e78255a9dd2d65e75f4b21f885c264 /src/file_server.c
parent	Add missing const qualifier on SSL_METHOD* vars. (diff)
download	apf-fe9bda8d2aad33e0f71d5699bcf90fb78b3fb5bb.tar.gz