From: Vsevolod Stakhov Date: Wed, 28 Jan 2015 17:47:12 +0000 (+0000) Subject: Allow to set keypair for a connection. X-Git-Tag: 0.9.0~817^2~10 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=a5fdfa3a5a6642bf350260cc72a4c87c27abdab3;p=rspamd.git Allow to set keypair for a connection. --- diff --git a/src/libutil/http.c b/src/libutil/http.c index 41053e9ed..91cf43084 100644 --- a/src/libutil/http.c +++ b/src/libutil/http.c @@ -888,6 +888,11 @@ rspamd_http_connection_free (struct rspamd_http_connection *conn) priv = conn->priv; rspamd_http_connection_reset (conn); + + if (priv->local_key) { + g_slice_free1 (sizeof (*priv->local_key), priv->local_key); + } + g_slice_free1 (sizeof (struct rspamd_http_connection_private), priv); g_slice_free1 (sizeof (struct rspamd_http_connection), conn); } @@ -1534,3 +1539,32 @@ rspamd_http_router_free (struct rspamd_http_connection_router *router) g_slice_free1 (sizeof (struct rspamd_http_connection_router), router); } } + +gboolean +rspamd_http_connection_set_key (struct rspamd_http_connection *conn, + gchar *key, gsize keylen) +{ + guchar *decoded; + gsize decoded_len; + struct rspamd_http_connection_private *priv = conn->priv; + + decoded = rspamd_decode_base32 (key, keylen, &decoded_len); + + if (decoded != NULL) { + if (decoded_len == crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES) { + priv->local_key = g_slice_alloc (sizeof (*priv->local_key)); + memcpy (priv->local_key->sk, decoded, crypto_box_SECRETKEYBYTES); + memcpy (priv->local_key->pk, decoded + crypto_box_SECRETKEYBYTES, + crypto_box_PUBLICKEYBYTES); + crypto_box_beforenm (priv->local_key->beforenm, priv->local_key->pk, + priv->local_key->sk); + blake2b (priv->local_key->id, priv->local_key->pk, NULL, + sizeof (priv->local_key->id), sizeof (priv->local_key->pk), 0); + + return TRUE; + } + g_free (decoded); + } + + return FALSE; +} diff --git a/src/libutil/http.h b/src/libutil/http.h index ca037c702..10634e2c7 100644 --- a/src/libutil/http.h 
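Review bot: The new branch in rspamd_http_connection_free hands `priv->local_key` back to the slice allocator while `sk` and `beforenm` still hold secret key material, so those bytes remain in memory that will be reused. The structure should be wiped before `g_slice_free1`, using a zeroing call the compiler cannot drop; a plain `memset` directly before a free may be optimized away. At minimum I would add the comment `/* local_key holds sk and beforenm: wipe before releasing */` above the free. The `if (priv->local_key)` test also relies on `priv` being zero-initialized at allocation, which happens outside this hunk, as does the start of the function.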
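Review bot: On the success path of rspamd_http_connection_set_key the function returns TRUE before reaching `g_free (decoded)`, so the decoded buffer, which contains the raw secret key, is leaked on every successful call and never cleared. A second call on the same connection also overwrites `priv->local_key` without releasing the previous allocation. I would use a single exit that frees `decoded` on both paths, wipe it first, and release any existing key before allocating the new one. Separately, `pk` is copied from the input rather than derived from `sk`, so a mismatched pair is accepted silently; whether that matters depends on callers not shown here.

```c
	gboolean ok = FALSE;

	/* … unchanged: declarations and rspamd_decode_base32 call … */

	if (decoded != NULL) {
		if (decoded_len == crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES) {
			/* Release a key installed by an earlier call instead of leaking it */
			if (priv->local_key != NULL) {
				/* wipe sk/beforenm with a non-elidable zeroing call before this free */
				g_slice_free1 (sizeof (*priv->local_key), priv->local_key);
			}
			priv->local_key = g_slice_alloc (sizeof (*priv->local_key));
			/* … unchanged: memcpy of sk and pk, crypto_box_beforenm, blake2b … */
			ok = TRUE;
		}
		/* decoded holds the raw secret key: wipe it here, then free on both paths */
		g_free (decoded);
	}

	return ok;
```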
+++ b/src/libutil/http.h @@ -147,6 +147,16 @@ struct rspamd_http_connection * rspamd_http_connection_new ( unsigned opts, enum rspamd_http_connection_type type); +/** + * Load the encryption keypair for this connection + * @param conn connection structure + * @param key base32 encoded privkey and pubkey (in that order) + * @param keylen length of base32 string + * @return TRUE if a key has been loaded successfully + */ +gboolean rspamd_http_connection_set_key (struct rspamd_http_connection *conn, + gchar *key, gsize keylen); + /** * Handle a request using socket fd and user data ud * @param conn connection structure
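Review bot: The doc comment for rspamd_http_connection_set_key does not tell callers that `key` carries the secret key, nor what happens when the connection already has a key. I would extend it with `* @param key base32 encoded privkey and pubkey (in that order); secret material, the caller should wipe its own copy` and a line such as `* A key set by an earlier call is replaced`, once the implementation actually does that. The parameter could also be declared `const gchar *key`, since the implementation in http.c only reads it, provided rspamd_decode_base32 accepts a const input, which is not visible in this patch.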