commit d72ac636bb2b5c5a6b9c946cc5fc69130ac62653
from: Omar Polo <op@omarpolo.com>
date: Mon Aug 07 13:18:04 2023 UTC

unbreak config_test() when !use_privsep_crypto

The new config_test() fails miserably when the privsep crypto engine is
not enabled.  As a temporary workaround, forcibly disable it during
config_test() as we're not going to run anyway.

commit - 36a98d50e533bf90b952130adbf1ca4ccc866f04
commit + d72ac636bb2b5c5a6b9c946cc5fc69130ac62653
blob - 0f5fa96dcf0df504738f5889f53e0a8c28e65c8b
blob + 23d3ffccb79c39318e083fb28ed6f1e5f15841f1
--- config.c
+++ config.c
@@ -752,33 +752,34 @@ config_test(struct conf *conf)
 {
 	struct vhost	*h;
 	struct address	*addr;
-	struct imsg	 imsg;
 	int		 fd;
 
-	TAILQ_FOREACH(h, &conf->hosts, vhosts) {
-		/* faking the imsgs for config_crypto_recv_kp */
+	/*
+	 * can't use config_crypto_recv_kp() because not on all platforms
+	 * we're using the privsep crypto engine (yet).
+	 */
+	conf->use_privsep_crypto = 0;
 
+	TAILQ_FOREACH(h, &conf->hosts, vhosts) {
 		if ((fd = open(h->cert_path, O_RDONLY)) == -1) {
 			log_warn("can't open %s", h->cert_path);
 			return -1;
 		}
-
-		memset(&imsg, 0, sizeof(imsg));
-		imsg.fd = fd;
-		imsg.hdr.type = IMSG_RECONF_CERT;
-		if (config_crypto_recv_kp(conf, &imsg) == -1)
+		if (load_file(fd, &h->cert, &h->certlen) == -1) {
+			log_warnx("failed to load cert for %s",
+			    h->domain);
 			return -1;
+		}
 
 		if ((fd = open(h->key_path, O_RDONLY)) == -1) {
 			log_warn("can't open %s", h->key_path);
 			return -1;
 		}
-
-		memset(&imsg, 0, sizeof(imsg));
-		imsg.fd = fd;
-		imsg.hdr.type = IMSG_RECONF_KEY;
-		if (config_crypto_recv_kp(conf, &imsg) == -1)
+		if (load_file(fd, &h->key, &h->keylen) == -1) {
+			log_warnx("failed to load key for %s",
+			    h->domain);
 			return -1;
+		}
 	}
 
 	TAILQ_FOREACH(addr, &conf->addrs, addrs) {