From fe9bda8d2aad33e0f71d5699bcf90fb78b3fb5bb Mon Sep 17 00:00:00 2001
From: Joshua Judson Rosen
Date: Tue, 18 Nov 2014 23:16:55 -0500
Subject: afserver: support per-realm CA-certificate settings

This makes it possible to have different CA certificates for different realms,
or certificate auth for only some realms and password auth for others.
---
 src/file_server.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'src/file_server.c')

diff --git a/src/file_server.c b/src/file_server.c
index 3abfc57..35ed235 100644
--- a/src/file_server.c
+++ b/src/file_server.c
@@ -270,10 +270,14 @@ parsefile(char* name, int* status)
         ServerConfiguration_set_certificateFile(cfg, helpbuf2);
       }
       else if (strcmp(helpbuf1, "cacerfile") == 0) {
-        ServerConfiguration_set_cacertificateFile(cfg, helpbuf2);
+        ServerRealm_set_cacertificateFile(
+            ServerConfiguration_get_realmsTable(cfg)[ServerConfiguration_get_realmsNumber(cfg) - 1],
+            helpbuf2);
       }
       else if (strcmp(helpbuf1, "cerdepth") == 0) {
-        ServerConfiguration_set_sCertificateDepth(cfg, helpbuf2);
+        ServerRealm_set_sCertificateDepth(
+            ServerConfiguration_get_realmsTable(cfg)[ServerConfiguration_get_realmsNumber(cfg) - 1],
+            helpbuf2);
       }
       else if ((strcmp(helpbuf1, "key") == 0) || (strcmp(helpbuf1, "keyfile") == 0)) {
         ServerConfiguration_set_keysFile(cfg, helpbuf2);
-- 
cgit v1.1