commit bab32701fbefecd4e2181dc03821067f4d7dbe28 from: Omar Polo date: Wed Oct 18 18:06:08 2023 UTC gemexp: add -R to generate an RSA (4096) key instead of an EC one (default)
commit - adaae5163ca666bda00116a9efebcf0b1e6a8194
commit + bab32701fbefecd4e2181dc03821067f4d7dbe28
blob - d2148c69ff7fa0c62e623aab7cd20f7bfdfbce6a
blob + ccb093cf48ab16e1dd95a99cff104dee727b36c6
--- ge.c
+++ ge.c
@@ -32,6 +32,8 @@
 #include "log.h"
+static int gen_eckey = 1;
+
 int privsep_process;
 static const struct option opts[] = {
@@ -100,7 +102,7 @@ load_local_cert(struct vhost *h, const char *hostname,
 fatal("asprintf");
 if (access(cert, R_OK) == -1 || access(key, R_OK) == -1)
- gencert(hostname, cert, key, 1);
+ gencert(hostname, cert, key, gen_eckey);
 h->cert = tls_load_file(cert, &h->certlen, NULL);
 if (h->cert == NULL)
@@ -248,7 +250,7 @@ usage(void)
 {
 fprintf(stderr,
 "Version: " GE_STRING "\n"
- "Usage: %s [-hV] [-d certs-dir] [-H hostname] [-p port] [dir]\n",
+ "Usage: %s [-hRV] [-d certs-dir] [-H hostname] [-p port] [dir]\n",
 getprogname());
 exit(1);
 }
@@ -272,7 +274,7 @@ main(int argc, char **argv)
 /* ge doesn't do privsep so no privsep crypto engine. */
 conf->use_privsep_crypto = 0;
- while ((ch = getopt_long(argc, argv, "d:H:hp:V", opts, NULL)) != -1) {
+ while ((ch = getopt_long(argc, argv, "d:H:hp:RV", opts, NULL)) != -1) {
 switch (ch) {
 case 'd':
 certs_dir = optarg;
@@ -289,6 +291,9 @@ main(int argc, char **argv)
 fatalx("port number is %s: %s",
 errstr, optarg);
 break;
+ case 'R':
+ gen_eckey = 0;
+ break;
 case 'V':
 puts("Version: " GE_STRING);
 return 0;
blob - f8faf6c693dd1ddc547ea94192219d8255f4a8c4
blob + 5371c1178747abb9e5b5a7905a0b13433f7887e2
--- gemexp.1
+++ gemexp.1
@@ -11,7 +11,7 @@
 .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.Dd August 29, 2023
+.Dd October 18, 2023
 .Dt GEMEXP 1
 .Os
 .Sh NAME
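Review bot: The new file-scope flag `gen_eckey` in the first ge.c hunk has no comment, and the `-R` handler in the last ge.c hunk (`case 'R': gen_eckey = 0;`) only reads correctly once you know the flag is forwarded as the last argument of `gencert()` in `load_local_cert`. I would add `/* non-zero: newly generated keys are EC; cleared by -R to request RSA */` above the declaration. The 4096-bit size named in the commit title is not visible anywhere in this diff, so it is presumably fixed inside `gencert()`; worth confirming that is the only place the RSA size is set.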
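Review bot: In `load_local_cert` the `gencert(hostname, cert, key, gen_eckey)` call is reached only when `access()` fails for the certificate or the key, so `-R` is silently ignored whenever a pair from an earlier run already exists in the certs directory. An operator who passes `-R` expecting an RSA key would keep serving the existing EC key with no indication that the option had no effect. I would state this next to the call, `/* -R only affects keys generated here; an existing pair is loaded unchanged */`, and add a sentence such as `This only applies when a new key is generated.` under `.It Fl R` in gemexp.1. The function body starts and ends outside the hunk.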
@@ -20,7 +20,7 @@
 .Sh SYNOPSIS
 .Nm
 .Bk -words
-.Op Fl hV
+.Op Fl hRV
 .Op Fl d Ar certs-dir
 .Op Fl H Ar hostname
 .Op Fl p Ar port
@@ -65,6 +65,8 @@ and are implicitly generated if not found.
 Print the usage and exit.
 .It Fl p Ar port
 The port to bind to, 1965 by default.
+.It Fl R
+Generate an RSA key instead of an EC one.
 .It Fl V , Fl -version
 Print the version and exit.
 .It Ar directory