- conn->chain = readcertchain(cert);
- if(conn->chain == nil)
- sysfatal("can't read certificate %s", cert);
- conn->cert = conn->chain->pem;
- conn->certlen = conn->chain->pemlen;
- conn->chain = conn->chain->next;
+
+ if(auth){
+ AuthInfo *ai;
+
+ ai = auth_proxy(0, nil, "proto=p9any role=server %s", keyspec);
+ if(ai == nil)
+ sysfatal("auth_proxy: %r");
+
+ if(auth == 1){
+ Dir nd;
+
+ if(auth_chuid(ai, nil) < 0)
+ sysfatal("auth_chuid: %r");
+
+ /* chown network connection */
+ nulldir(&nd);
+ nd.mode = 0660;
+ nd.uid = ai->cuid;
+ dirfwstat(0, &nd);
+ }
+
+ conn->pskID = "p9secret";
+ conn->psk = ai->secret;
+ conn->psklen = ai->nsecret;
+ }
+
+ if(cert){
+ conn->chain = readcertchain(cert);
+ if(conn->chain == nil)
+ sysfatal("%r");
+ conn->cert = conn->chain->pem;
+ conn->certlen = conn->chain->pemlen;
+ conn->chain = conn->chain->next;
+ }
+
+ if(conn->cert == nil && conn->psklen == 0)
+ sysfatal("no certificate or shared secret");
+