From 4dfae3484fbf1f939af893923da015f04c78994b Mon Sep 17 00:00:00 2001
From: Tatsuhiro Tsujikawa
Date: Thu, 24 Mar 2016 23:32:57 +0900
Subject: [PATCH] nghttpx: Refactor CertLookupTree interface

---
 src/shrpx_ssl.cc | 29 +++++++++++++++--------------
 src/shrpx_ssl.h | 10 +++++-----
 src/shrpx_ssl_test.cc | 4 ++--
 3 files changed, 22 insertions(+), 21 deletions(-)

diff --git a/src/shrpx_ssl.cc b/src/shrpx_ssl.cc
index ecd5ad65..7db5a8d0 100644
--- a/src/shrpx_ssl.cc
+++ b/src/shrpx_ssl.cc
@@ -1046,8 +1046,8 @@ CertLookupTree::CertLookupTree() {
 namespace {
 // The |offset| is the index in the hostname we are examining. We are
 // going to scan from |offset| in backwards.
-void cert_lookup_tree_add_cert(CertNode *node, SSL_CTX *ssl_ctx, char *hostname,
- size_t len, int offset) {
+void cert_lookup_tree_add_cert(CertNode *node, SSL_CTX *ssl_ctx,
+ const char *hostname, size_t len, int offset) {
 int i, next_len = node->next.size();
 char c = hostname[offset];
 CertNode *cn = nullptr;
@@ -1132,19 +1132,20 @@ void cert_lookup_tree_add_cert(CertNode *node, SSL_CTX *ssl_ctx, char *hostname,
 }
 } // namespace

-void CertLookupTree::add_cert(SSL_CTX *ssl_ctx, const char *hostname,
- size_t len) {
- if (len == 0) {
+void CertLookupTree::add_cert(SSL_CTX *ssl_ctx, const StringRef &hostname) {
+ if (hostname.empty()) {
 return;
 }
 // Copy hostname including terminal NULL
- hosts_.push_back(make_unique(len + 1));
- const auto &host_copy = hosts_.back();
- for (size_t i = 0; i < len; ++i) {
- host_copy[i] = util::lowcase(hostname[i]);
- }
- host_copy[len] = '\0';
- cert_lookup_tree_add_cert(&root_, ssl_ctx, host_copy.get(), len, len - 1);
+ auto host_copy = make_unique(hostname.size() + 1);
+ std::copy(std::begin(hostname), std::end(hostname), host_copy.get());
+ host_copy[hostname.size()] = '\0';
+ util::inp_strlower(&host_copy[0], &host_copy[0] + hostname.size());
+
+ cert_lookup_tree_add_cert(&root_, ssl_ctx, host_copy.get(), hostname.size(),
+ hostname.size() - 1);
+
+ hosts_.push_back(std::move(host_copy));
 }

 namespace {
@@ -1234,7 +1235,7 @@ int cert_lookup_tree_add_cert_from_file(CertLookupTree *lt, SSL_CTX *ssl_ctx,
 continue;
 }

- lt->add_cert(ssl_ctx, name, len);
+ lt->add_cert(ssl_ctx, StringRef{name, static_cast(len)});
 }
 }

@@ -1243,7 +1244,7 @@ int cert_lookup_tree_add_cert_from_file(CertLookupTree *lt, SSL_CTX *ssl_ctx,
 return 0;
 }

- lt->add_cert(ssl_ctx, cn.c_str(), cn.size());
+ lt->add_cert(ssl_ctx, cn);

 OPENSSL_free(const_cast(cn.c_str()));

diff --git a/src/shrpx_ssl.h b/src/shrpx_ssl.h
index 4be68d1a..abe464f5 100644
--- a/src/shrpx_ssl.h
+++ b/src/shrpx_ssl.h
@@ -117,7 +117,7 @@ void get_altnames(X509 *cert, std::vector &dns_names,

 struct WildcardCert {
 SSL_CTX *ssl_ctx;
- char *hostname;
+ const char *hostname;
 size_t hostnamelen;
 };

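Review bot: In `CertLookupTree::add_cert` (src/shrpx_ssl.cc) the copied buffer is now passed to `cert_lookup_tree_add_cert` before `hosts_` owns it, so if that call or the later `hosts_.push_back` throws (for example on allocation failure), `host_copy` is freed during unwinding while any node that already recorded the pointer still holds it. The callee's body is outside this hunk, but the header change to `const char *str` and `const char *hostname` suggests the nodes keep raw pointers into this buffer. Taking ownership first, as the old code did, avoids the window: `hosts_.push_back(std::move(host_copy));` followed by `cert_lookup_tree_add_cert(&root_, ssl_ctx, hosts_.back().get(), hostname.size(), hostname.size() - 1);`. A comment such as `// Tree nodes point into this buffer; hosts_ must own it for the tree's lifetime.` would make the dependency explicit.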
@@ -129,7 +129,7 @@ struct CertNode {
 std::vector> next;
 // SSL_CTX for exact match
 SSL_CTX *ssl_ctx;
- char *str;
+ const char *str;
 // [first, last) in the reverse direction in str, first >=
 // last. This indices only work for str member.
 int first, last;
@@ -139,9 +139,9 @@ class CertLookupTree {
 public:
 CertLookupTree();

- // Adds |ssl_ctx| with hostname pattern |hostname| with length |len|
- // to the lookup tree. The |hostname| must be NULL-terminated.
- void add_cert(SSL_CTX *ssl_ctx, const char *hostname, size_t len);
+ // Adds |ssl_ctx| with hostname pattern |hostname| to the lookup
+ // tree.
+ void add_cert(SSL_CTX *ssl_ctx, const StringRef &hostname);

 // Looks up SSL_CTX using the given |hostname|. If more than one
 // SSL_CTX which matches the query, it is undefined which one is
diff --git a/src/shrpx_ssl_test.cc b/src/shrpx_ssl_test.cc
index 79129a5c..565e0176 100644
--- a/src/shrpx_ssl_test.cc
+++ b/src/shrpx_ssl_test.cc
@@ -56,7 +56,7 @@ void test_shrpx_ssl_create_lookup_tree(void) {
 StringRef::from_lit("oo.bar")};
 auto num = array_size(ctxs);
 for (size_t i = 0; i < num; ++i) {
- tree->add_cert(ctxs[i], hostnames[i].c_str(), hostnames[i].size());
+ tree->add_cert(ctxs[i], hostnames[i]);
 }

 CU_ASSERT(ctxs[0] == tree->lookup(hostnames[0]));
@@ -92,7 +92,7 @@ void test_shrpx_ssl_create_lookup_tree(void) {

 tree = make_unique();
 for (size_t i = 0; i < num; ++i) {
- tree->add_cert(ctxs2[i], names[i].c_str(), names[i].size());
+ tree->add_cert(ctxs2[i], names[i]);
 }
 for (size_t i = 0; i < num; ++i) {
 CU_ASSERT(ctxs2[i] == tree->lookup(names[i]));
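Review bot: The new comment on `add_cert` in src/shrpx_ssl.h drops the NULL-termination requirement but does not say what happens to |hostname|, which matters now that callers pass a `StringRef` view; one call site in shrpx_ssl.cc frees the underlying buffer right after the call. From the implementation in shrpx_ssl.cc, the pattern is copied and lower-cased, and an empty pattern is ignored. I would add `// |hostname| is copied in lower case, so the caller's buffer need not outlive this call. An empty |hostname| is ignored.` The class body continues outside the hunk.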