diff --git a/include/certifier/xpki_client.h b/include/certifier/xpki_client.h index 6f53e58..6a5ac49 100644 --- a/include/certifier/xpki_client.h +++ b/include/certifier/xpki_client.h @@ -28,9 +28,6 @@ extern "C" { #endif -#define CERTIFIER_STATIC_URL "https://certifier-p01.xpki.io/v1/certifier" -#define DEFAULT_CERTIFIER_URL "https://certifier.xpki.io/v1/certifier" - typedef enum { XPKI_CLIENT_SUCCESS = 0, diff --git a/libcertifier.cfg.sample b/libcertifier.cfg.sample index 570ab17..2923877 100644 --- a/libcertifier.cfg.sample +++ b/libcertifier.cfg.sample @@ -1,5 +1,5 @@ { - "libcertifier.certifier.url": "https://certifier.xpki.io/v1/certifier", + "libcertifier.certifier.url": "https://certifier-p01.xpki.io/v1/certifier", "libcertifier.profile.name": "XFN_Matter_OP_Class_3_ICA", "libcertifier.validity.days": 365, "libcertifier.auth.type": "X509", diff --git a/src/certifier.c b/src/certifier.c index 93b0f3f..6a9e2d2 100644 --- a/src/certifier.c +++ b/src/certifier.c @@ -951,6 +951,19 @@ Certifier * certifier_new(void) { /* This will reconfigure() automatically. */ error_code = certifier_load_cfg_file(certifier); + if (error_code != 0) + { + goto exit; + } + + /* certifier_url must be specified */ + const char * url = certifier_get_property(certifier, CERTIFIER_OPT_CERTIFIER_URL); + if (url == NULL || XSTRLEN(url) == 0) + { + log_error("certifier_url must be set in config (libcertifier.certifier.url)"); + error_code = CERTIFIER_ERR_INIT_CERTIFIER; + goto exit; + } } else { diff --git a/src/property.c b/src/property.c index 8413ed6..d5ba5b2 100644 --- a/src/property.c +++ b/src/property.c @@ -45,7 +45,6 @@ #define DEFAULT_USER_CA_PATH "/usr/local/etc/certfier" #define DEFAULT_GLOBAL_CA_PATH "/etc/certifier" #define DEFAULT_CURDIR_CA_PATH "." -#define DEFAULT_CERTIFIER_URL "https://certifier.xpki.io/v1/certifier" #define DEFAULT_PROFILE_NAME "XFN_Matter_OP_Class_3_ICA" #define DEFAULT_CERT_MIN_TIME_LEFT_S 90 * 24 * 60 * 60; #define DEFAULT_OPT_SOURCE "unset-libcertifier-c-native" @@ -818,16 +817,6 @@ int property_set_defaults(CertifierPropMap * prop_map) } } - if (prop_map->certifier_url == NULL) - { - return_code = property_set(prop_map, CERTIFIER_OPT_CERTIFIER_URL, DEFAULT_CERTIFIER_URL); - if (return_code != 0) - { - log_error("Failed to set default property name: CERTIFIER_OPT_CERTIFIER_URL with error code: %i", return_code); - return return_code; - } - } - if (prop_map->profile_name == NULL) { return_code = property_set(prop_map, CERTIFIER_OPT_PROFILE_NAME, DEFAULT_PROFILE_NAME); diff --git a/src/xpki_client.c b/src/xpki_client.c index ac233e5..b7c99f8 100644 --- a/src/xpki_client.c +++ b/src/xpki_client.c @@ -403,20 +403,10 @@ XPKI_CLIENT_ERROR_CODE xc_get_cert(get_cert_param_t * params) } else { ReturnErrorOnFailure(certifier_set_property(certifier, CERTIFIER_OPT_CRT, params->crt)); } - if (params->static_certifier == true) - { - ReturnErrorOnFailure(certifier_set_property(certifier, CERTIFIER_OPT_CERTIFIER_URL, CERTIFIER_STATIC_URL)); - } - else - { - /* Use DEFAULT_CERTIFIER_URL if the certifier.url is not present in the config file. */ - const char * certifier_url = (char *) certifier_get_property(certifier, CERTIFIER_OPT_CERTIFIER_URL); - if ((NULL == certifier_url) || (0 == XSTRLEN(certifier_url))) - { - ReturnErrorOnFailure(certifier_set_property(certifier, CERTIFIER_OPT_CERTIFIER_URL, DEFAULT_CERTIFIER_URL)); - } - } + /* certifier.url must be present in the config file. */ + const char * certifier_url = (char *) certifier_get_property(certifier, CERTIFIER_OPT_CERTIFIER_URL); + VerifyOrReturnError(certifier_url != NULL, XPKI_CLIENT_INVALID_ARGUMENT); if (certifier_get_property(certifier, CERTIFIER_OPT_OUTPUT_P12_PATH) != NULL) { @@ -472,22 +462,12 @@ XPKI_CLIENT_ERROR_CODE xc_renew_cert(renew_cert_param_t * params) } ReturnErrorOnFailure(certifier_set_property(certifier, CERTIFIER_OPT_INPUT_P12_PATH, params->p12_path)); ReturnErrorOnFailure(certifier_set_property(certifier, CERTIFIER_OPT_INPUT_P12_PASSWORD, params->p12_password)); - if (params->static_certifier == true) - { - ReturnErrorOnFailure(certifier_set_property(certifier, CERTIFIER_OPT_CERTIFIER_URL, CERTIFIER_STATIC_URL)); - } - else - { - /** - * Use DEFAULT_CERTIFIER_URL if the certifier.url is not present in the config file. - */ - const char * certifier_url = (char *) certifier_get_property(certifier, CERTIFIER_OPT_CERTIFIER_URL); + /** + * certifier.url must be present in the config file. + */ + const char * certifier_url = (char *) certifier_get_property(certifier, CERTIFIER_OPT_CERTIFIER_URL); + VerifyOrReturnError(certifier_url != NULL, XPKI_CLIENT_INVALID_ARGUMENT); - if ((NULL == certifier_url) || (0 == XSTRLEN(certifier_url))) - { - ReturnErrorOnFailure(certifier_set_property(certifier, CERTIFIER_OPT_CERTIFIER_URL, DEFAULT_CERTIFIER_URL)); - } - } ReturnErrorOnFailure(xc_set_source_id(params->source_id)); ReturnErrorOnFailure(certifier_set_property(certifier, CERTIFIER_OPT_AUTH_TYPE, xpki_auth_type_to_string(params->auth_type))); @@ -624,20 +604,9 @@ XPKI_CLIENT_ERROR_CODE xc_get_cert_status(get_cert_status_param_t * params, XPKI ReturnErrorOnFailure(certifier_set_property(certifier, CERTIFIER_OPT_INPUT_P12_PASSWORD, params->p12_password)); ReturnErrorOnFailure(xc_set_source_id(params->source_id)); - if (params->static_certifier == true) - { - ReturnErrorOnFailure(certifier_set_property(certifier, CERTIFIER_OPT_CERTIFIER_URL, CERTIFIER_STATIC_URL)); - } - else - { - /* Use DEFAULT_CERTIFIER_URL if the certifier.url is not present in the config file. */ - const char * certifier_url = (char *) certifier_get_property(certifier, CERTIFIER_OPT_CERTIFIER_URL); - - if ((NULL == certifier_url) || (0 == XSTRLEN(certifier_url))) - { - ReturnErrorOnFailure(certifier_set_property(certifier, CERTIFIER_OPT_CERTIFIER_URL, DEFAULT_CERTIFIER_URL)); - } - } + /* certifier.url must be present in the config file */ + const char * certifier_url = (char *) certifier_get_property(certifier, CERTIFIER_OPT_CERTIFIER_URL); + VerifyOrReturnError(certifier_url != NULL, XPKI_CLIENT_INVALID_ARGUMENT); return _xc_get_cert_status(status); }