In CLI support setting TLS policy to any known type

Previously you could only do either a file or the default policy,
and tls_proxy was hardcoded to only do the default policy.

1 files changed, 2 insertions, 19 deletions

diff --git a/src/cli/tls_http_server.cpp b/src/cli/tls_http_server.cpp
index b4d117586..c9d13f9b2 100644
--- a/src/cli/tls_http_server.cpp
+++ b/src/cli/tls_http_server.cpp
@@ -40,7 +40,7 @@
    #include <botan/tls_session_manager_sqlite.h>
 #endif
 
-#include "credentials.h"
+#include "tls_helpers.h"
 
 #if BOOST_VERSION >= 107000
 #define GET_IO_SERVICE(s) ((boost::asio::io_context&)(s).get_executor().context())
@@ -539,24 +539,7 @@ class TLS_HTTP_Server final : public Command
 
          Basic_Credentials_Manager creds(rng(), server_crt, server_key);
 
-         std::unique_ptr<Botan::TLS::Policy> policy;
-
-         const std::string policy_file = get_arg("policy");
-         if(policy_file.size() > 0)
-            {
-            std::ifstream policy_stream(policy_file);
-            if(!policy_stream.good())
-               {
-               error_output() << "Failed reading policy file\n";
-               return;
-               }
-            policy.reset(new Botan::TLS::Text_Policy(policy_stream));
-            }
-
-         if(!policy)
-            {
-            policy.reset(new Botan::TLS::Policy);
-            }
+         auto policy = load_tls_policy(get_arg("policy"));
 
          std::unique_ptr<Botan::TLS::Session_Manager> session_mgr;