From 47034834790e778f28b082842b3ed1c7bd44f29a Mon Sep 17 00:00:00 2001 From: Dimitri Staessens Date: Sun, 21 Jun 2026 13:03:36 +0200 Subject: config: Rename enc.conf to sec.conf The per-name config file holds more than encryption settings (KEX, cipher, KDF, peer authentication), so renamed it from enc.conf to sec.conf and the code internals to match. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders --- src/irmd/CMakeLists.txt | 6 +++--- src/irmd/configfile.c | 12 ++++++------ src/irmd/main.c | 8 ++++---- src/irmd/oap/cli.c | 2 +- src/irmd/oap/srv.c | 2 +- src/tools/irm/irm_name_create.c | 24 ++++++++++++------------ 6 files changed, 27 insertions(+), 27 deletions(-) (limited to 'src') diff --git a/src/irmd/CMakeLists.txt b/src/irmd/CMakeLists.txt index 9aa747ca..5aa457ff 100644 --- a/src/irmd/CMakeLists.txt +++ b/src/irmd/CMakeLists.txt @@ -7,11 +7,11 @@ if(HAVE_TOML) set(INSTALL_DIR "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_BINDIR}") configure_file("${CMAKE_SOURCE_DIR}/irmd.conf.in" "${CMAKE_BINARY_DIR}/${OUROBOROS_CONFIG_FILE}.example" @ONLY) - configure_file("${CMAKE_SOURCE_DIR}/enc.conf.in" - "${CMAKE_BINARY_DIR}/enc.conf.example" @ONLY) + configure_file("${CMAKE_SOURCE_DIR}/sec.conf.in" + "${CMAKE_BINARY_DIR}/sec.conf.example" @ONLY) install(FILES "${CMAKE_BINARY_DIR}/${OUROBOROS_CONFIG_FILE}.example" DESTINATION "${OUROBOROS_CONFIG_DIR}") - install(FILES "${CMAKE_BINARY_DIR}/enc.conf.example" + install(FILES "${CMAKE_BINARY_DIR}/sec.conf.example" DESTINATION "${OUROBOROS_CONFIG_DIR}") install(CODE " if(NOT EXISTS \"${OUROBOROS_CONFIG_DIR}/${OUROBOROS_CONFIG_FILE}\") diff --git a/src/irmd/configfile.c b/src/irmd/configfile.c index 53608eee..35cf4292 100644 --- a/src/irmd/configfile.c +++ b/src/irmd/configfile.c @@ -922,10 +922,10 @@ static int toml_name(toml_table_t * table, toml_array_t * progs; toml_array_t * args; toml_datum_t lb; - toml_datum_t senc; + toml_datum_t ssec; toml_datum_t scrt; toml_datum_t skey; - toml_datum_t cenc; + toml_datum_t csec; toml_datum_t ccrt; toml_datum_t ckey; @@ -957,8 +957,8 @@ static int toml_name(toml_table_t * table, log_err("Invalid load-balancing policy for %s.", name); return -1; } - senc = toml_string_in(table, "server_enc_file"); - if (senc.ok && cp_chk_path(info.s.enc, senc.u.s) < 0) + ssec = toml_string_in(table, "server_sec_file"); + if (ssec.ok && cp_chk_path(info.s.sec, ssec.u.s) < 0) return -1; scrt = toml_string_in(table, "server_crt_file"); @@ -969,8 +969,8 @@ static int toml_name(toml_table_t * table, if (skey.ok && cp_chk_path(info.s.key, skey.u.s) < 0) return -1; - cenc = toml_string_in(table, "client_enc_file"); - if (cenc.ok && cp_chk_path(info.c.enc, cenc.u.s) < 0) + csec = toml_string_in(table, "client_sec_file"); + if (csec.ok && cp_chk_path(info.c.sec, csec.u.s) < 0) return -1; ccrt = toml_string_in(table, "client_crt_file"); diff --git a/src/irmd/main.c b/src/irmd/main.c index 3519e079..c77355e7 100644 --- a/src/irmd/main.c +++ b/src/irmd/main.c @@ -488,8 +488,8 @@ static void name_update_sec_paths(struct name_info * info) assert(info != NULL); - if (strlen(info->s.enc) == 0) - sprintf(info->s.enc, "%s/%s/enc.conf", srv_dir, info->name); + if (strlen(info->s.sec) == 0) + sprintf(info->s.sec, "%s/%s/sec.conf", srv_dir, info->name); if (strlen(info->s.crt) == 0) sprintf(info->s.crt, "%s/%s/crt.pem", srv_dir, info->name); @@ -497,8 +497,8 @@ static void name_update_sec_paths(struct name_info * info) if (strlen(info->s.key) == 0) sprintf(info->s.key, "%s/%s/key.pem", srv_dir, info->name); - if (strlen(info->c.enc) == 0) - sprintf(info->c.enc, "%s/%s/enc.conf", cli_dir, info->name); + if (strlen(info->c.sec) == 0) + sprintf(info->c.sec, "%s/%s/sec.conf", cli_dir, info->name); if (strlen(info->c.crt) == 0) sprintf(info->c.crt, "%s/%s/crt.pem", cli_dir, info->name); diff --git a/src/irmd/oap/cli.c b/src/irmd/oap/cli.c index 113abc4c..b3d6d586 100644 --- a/src/irmd/oap/cli.c +++ b/src/irmd/oap/cli.c @@ -98,7 +98,7 @@ int load_cli_kex_config(const struct name_info * info, /* A client authenticates the server by default, like an https client */ cfg->req_auth = OAP_CLIENT_AUTH_DEFAULT; - return load_kex_config(info->name, info->c.enc, cfg); + return load_kex_config(info->name, info->c.sec, cfg); } int load_server_kem_pk(const char * name, diff --git a/src/irmd/oap/srv.c b/src/irmd/oap/srv.c index b92c1946..9ace8ed1 100644 --- a/src/irmd/oap/srv.c +++ b/src/irmd/oap/srv.c @@ -76,7 +76,7 @@ int load_srv_kex_config(const struct name_info * info, memset(cfg, 0, sizeof(*cfg)); /* Client auth stays opt-in (mTLS); enable with auth=required */ - return load_kex_config(info->name, info->s.enc, cfg); + return load_kex_config(info->name, info->s.sec, cfg); } int load_server_kem_keypair(const char * name, diff --git a/src/tools/irm/irm_name_create.c b/src/tools/irm/irm_name_create.c index 1055700c..40a51193 100644 --- a/src/tools/irm/irm_name_create.c +++ b/src/tools/irm/irm_name_create.c @@ -51,10 +51,10 @@ #define RR "round-robin" #define SPILL "spillover" -#define SENC "/server//enc.conf" +#define SSEC "/server//sec.conf" #define SCRT "/server//crt.pem" #define SKEY "/server//key.pem" -#define CENC "/client//enc.conf" +#define CSEC "/client//sec.conf" #define CCRT "/client//crt.pem" #define CKEY "/client//key.pem" @@ -63,10 +63,10 @@ static void usage(void) printf("Usage: irm name create\n" " . max %d chars.\n" " [lb LB_POLICY], default: %s\n" - " [sencpath , default: " SENC "]\n" + " [ssecpath , default: " SSEC "]\n" " [scrtpath , default: " SCRT "]\n" " [skeypath , default: " SKEY "]\n" - " [cencpath , default: " CENC "]\n" + " [csecpath , default: " CSEC "]\n" " [ccrtpath , default: " CCRT "]\n" " [ckeypath , default: " CKEY "]\n" "\n" @@ -105,10 +105,10 @@ int do_create_name(int argc, { struct name_info info = {}; char * name = NULL; - char * sencpath = NULL; + char * ssecpath = NULL; char * scrtpath = NULL; char * skeypath = NULL; - char * cencpath = NULL; + char * csecpath = NULL; char * ccrtpath = NULL; char * ckeypath = NULL; char * lb_pol = RR; @@ -119,14 +119,14 @@ int do_create_name(int argc, while (argc > 0) { if (matches(*argv, "lb") == 0) { lb_pol = *(argv + 1); - } else if (matches(*argv, "sencpath") == 0) { - sencpath = *(argv + 1); + } else if (matches(*argv, "ssecpath") == 0) { + ssecpath = *(argv + 1); } else if (matches(*argv, "scrtpath") == 0) { scrtpath = *(argv + 1); } else if (matches(*argv, "skeypath") == 0) { skeypath = *(argv + 1); - } else if (matches(*argv, "cencpath") == 0) { - cencpath = *(argv + 1); + } else if (matches(*argv, "csecpath") == 0) { + csecpath = *(argv + 1); } else if (matches(*argv, "ccrtpath") == 0) { ccrtpath = *(argv + 1); } else if (matches(*argv, "ckeypath") == 0) { @@ -151,7 +151,7 @@ int do_create_name(int argc, strcpy(info.name, name); - if (sencpath != NULL && cp_chk_path(info.s.enc, sencpath) < 0) + if (ssecpath != NULL && cp_chk_path(info.s.sec, ssecpath) < 0) goto fail; if (scrtpath != NULL && cp_chk_path(info.s.crt, scrtpath) < 0) @@ -160,7 +160,7 @@ int do_create_name(int argc, if (skeypath != NULL && cp_chk_path(info.s.key, skeypath) < 0) goto fail; - if (cencpath != NULL && cp_chk_path(info.c.enc, cencpath) < 0) + if (csecpath != NULL && cp_chk_path(info.c.sec, csecpath) < 0) goto fail; if (ccrtpath != NULL && cp_chk_path(info.c.crt, ccrtpath) < 0) -- cgit v1.2.3