journal-remote: sync TrustedCertificateFile= parsing with journal-upload

So we can use TrustedCertificateFile=- to disable certificate checking
for both utilities.

3 files changed, 13 insertions, 49 deletions

diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c
index 2755f55812..346c56cf97 100644
--- a/src/journal-remote/journal-remote-main.c
+++ b/src/journal-remote/journal-remote-main.c
@@ -16,6 +16,7 @@
 #include "main-func.h"
 #include "memory-util.h"
 #include "parse-argument.h"
+#include "parse-helpers.h"
 #include "pretty-print.h"
 #include "process-util.h"
 #include "rlimit-util.h"
@@ -736,7 +737,7 @@ static int parse_config(void) {
                 { "Remote",  "SplitMode",              config_parse_write_split_mode, 0, &arg_split_mode  },
                 { "Remote",  "ServerKeyFile",          config_parse_path,             0, &arg_key         },
                 { "Remote",  "ServerCertificateFile",  config_parse_path,             0, &arg_cert        },
-                { "Remote",  "TrustedCertificateFile", config_parse_path,             0, &arg_trust       },
+                { "Remote",  "TrustedCertificateFile", config_parse_path_or_ignore,   0, &arg_trust       },
                 { "Remote",  "MaxUse",                 config_parse_iec_uint64,       0, &arg_max_use     },
                 { "Remote",  "MaxFileSize",            config_parse_iec_uint64,       0, &arg_max_size    },
                 { "Remote",  "MaxFiles",               config_parse_uint64,           0, &arg_n_max_files },
@@ -910,17 +911,13 @@ static int parse_argv(int argc, char *argv[]) {
 
                 case ARG_TRUST:
 #if HAVE_GNUTLS
-                        if (arg_trust || arg_trust_all)
+                        if (arg_trust)
                                 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
-                                                       "Confusing trusted CA configuration");
+                                                       "Cannot use --trust more than once");
 
-                        if (streq(optarg, "all"))
-                                arg_trust_all = true;
-                        else {
-                                arg_trust = strdup(optarg);
-                                if (!arg_trust)
-                                        return log_oom();
-                        }
+                        arg_trust = strdup(optarg);
+                        if (!arg_trust)
+                                return log_oom();
 #else
                         return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
                                                "Option --trust is not available.");
@@ -1025,6 +1022,11 @@ static int parse_argv(int argc, char *argv[]) {
                 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
                                        "For SplitMode=host, output must be a directory.");
 
+        if (STRPTR_IN_SET(arg_trust, "-", "all")) {
+                arg_trust_all = true;
+                arg_trust = mfree(arg_trust);
+        }
+
         log_debug("Full config: SplitMode=%s Key=%s Cert=%s Trust=%s",
                   journal_write_split_mode_to_string(arg_split_mode),
                   strna(arg_key),
diff --git a/src/journal-remote/journal-remote.c b/src/journal-remote/journal-remote.c
index 93f2dff591..5b845a520f 100644
--- a/src/journal-remote/journal-remote.c
+++ b/src/journal-remote/journal-remote.c
@@ -20,6 +20,7 @@
 #include "macro.h"
 #include "managed-journal-file.h"
 #include "parse-util.h"
+#include "parse-helpers.h"
 #include "process-util.h"
 #include "socket-util.h"
 #include "stdio-util.h"
diff --git a/src/journal-remote/journal-upload.c b/src/journal-remote/journal-upload.c
index fac90d22a2..cb3420f70f 100644
--- a/src/journal-remote/journal-upload.c
+++ b/src/journal-remote/journal-upload.c
@@ -518,45 +518,6 @@ static int perform_upload(Uploader *u) {
         return update_cursor_state(u);
 }
 
-static int config_parse_path_or_ignore(
-                const char *unit,
-                const char *filename,
-                unsigned line,
-                const char *section,
-                unsigned section_line,
-                const char *lvalue,
-                int ltype,
-                const char *rvalue,
-                void *data,
-                void *userdata) {
-
-        _cleanup_free_ char *n = NULL;
-        bool fatal = ltype;
-        char **s = ASSERT_PTR(data);
-        int r;
-
-        assert(filename);
-        assert(lvalue);
-        assert(rvalue);
-
-        if (isempty(rvalue))
-                goto finalize;
-
-        n = strdup(rvalue);
-        if (!n)
-                return log_oom();
-
-        if (streq(n, "-"))
-                goto finalize;
-
-        r = path_simplify_and_warn(n, PATH_CHECK_ABSOLUTE | (fatal ? PATH_CHECK_FATAL : 0), unit, filename, line, lvalue);
-        if (r < 0)
-                return fatal ? -ENOEXEC : 0;
-
-finalize:
-        return free_and_replace(*s, n);
-}
-
 static int parse_config(void) {
         const ConfigTableItem items[] = {
                 { "Upload",  "URL",                    config_parse_string,         CONFIG_PARSE_STRING_SAFE, &arg_url                  },