diff --git a/src/shrpx_config.cc b/src/shrpx_config.cc
index 12e01978..0682149f 100644
--- a/src/shrpx_config.cc
+++ b/src/shrpx_config.cc
@@ -1754,7 +1754,7 @@ int parse_config(const char *opt, const char *optarg,
 LOG(ERROR) << opt << ": Couldn't read key file's passwd from " << optarg;
 return -1;
 }
- mod_config()->tls.private_key_passwd = strcopy(passwd);
+ mod_config()->tls.private_key_passwd = passwd;
 return 0;
 }
diff --git a/src/shrpx_config.h b/src/shrpx_config.h
index 52f12ca1..3f5a8565 100644
--- a/src/shrpx_config.h
+++ b/src/shrpx_config.h
@@ -427,7 +427,7 @@ struct TLSConfig {
 std::string backend_sni_name;
 std::chrono::seconds session_timeout;
 ImmutableString private_key_file;
- std::unique_ptr private_key_passwd;
+ ImmutableString private_key_passwd;
 ImmutableString cert_file;
 std::unique_ptr dh_param_file;
 std::unique_ptr ciphers;
diff --git a/src/shrpx_ssl.cc b/src/shrpx_ssl.cc
index adb80e47..f5d2b594 100644
--- a/src/shrpx_ssl.cc
+++ b/src/shrpx_ssl.cc
@@ -124,13 +124,13 @@ set_alpn_prefs(const std::vector &protos) {
 namespace {
 int ssl_pem_passwd_cb(char *buf, int size, int rwflag, void *user_data) {
 auto config = static_cast(user_data);
- int len = (int)strlen(config->tls.private_key_passwd.get());
+ auto len = static_cast(config->tls.private_key_passwd.size());
 if (size < len + 1) {
 LOG(ERROR) << "ssl_pem_passwd_cb: buf is too small " << size;
 return 0;
 }
 // Copy string including last '\0'.
- memcpy(buf, config->tls.private_key_passwd.get(), len + 1);
+ memcpy(buf, config->tls.private_key_passwd.c_str(), len + 1);
 return len;
 }
 } // namespace
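Review bot: After the changed assignment in parse_config the key passphrase exists in two plaintext copies, the local `passwd` and the `ImmutableString` in `tls.private_key_passwd`, and nothing visible in this hunk wipes the local once it has been copied. If `passwd` is a `std::string` (its declaration is outside the hunk), consider scrubbing it after the assignment, e.g. `OPENSSL_cleanse(&passwd[0], passwd.size());`. The field in shrpx_config.h would also benefit from a comment such as `// Passphrase for private_key_file; held in plaintext for the lifetime of the config.` so later readers treat it as a secret. parse_config's body starts and continues outside the hunk.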
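Review bot: The bounds check in ssl_pem_passwd_cb still does its arithmetic in `int`: the new line narrows `size()` to `int` and `len + 1` is then used both in the `size < len + 1` guard and as the `memcpy` length, so an over-long passphrase could wrap before the guard is evaluated. That is unlikely for an operator-supplied password file, but comparing in the unsigned domain first removes the dependence on it, e.g. `const auto &passwd = config->tls.private_key_passwd;` followed by `if (size <= 0 || static_cast<size_t>(size) < passwd.size() + 1) {`, casting to `int` only after the check passes. Also, `size()` counts embedded NUL bytes where `strlen` stopped at the first one, so the length returned to OpenSSL may differ from the old behaviour if the password reader can yield such a value; a short comment stating which is intended would help.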
@@ -548,7 +548,7 @@ SSL_CTX *create_ssl_context(const char *private_key_file, const char *cert_file
 SSL_CTX_set_mode(ssl_ctx, SSL_MODE_AUTO_RETRY);
 SSL_CTX_set_mode(ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
- if (tlsconf.private_key_passwd) {
+ if (!tlsconf.private_key_passwd.empty()) {
 SSL_CTX_set_default_passwd_cb(ssl_ctx, ssl_pem_passwd_cb);
 SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, (void *)get_config());
 }