nghttpx: Refactor CertLookupTree interface

Tatsuhiro Tsujikawa 2016-03-24 23:32:57 +09:00
parent 372123c178
commit 4dfae3484f
3 changed files with 22 additions and 21 deletions


@ -1046,8 +1046,8 @@ CertLookupTree::CertLookupTree() {
namespace { namespace {
// The |offset| is the index in the hostname we are examining. We are // The |offset| is the index in the hostname we are examining. We are
// going to scan from |offset| in backwards. // going to scan from |offset| in backwards.
void cert_lookup_tree_add_cert(CertNode *node, SSL_CTX *ssl_ctx, char *hostname, void cert_lookup_tree_add_cert(CertNode *node, SSL_CTX *ssl_ctx,
size_t len, int offset) { const char *hostname, size_t len, int offset) {
int i, next_len = node->next.size(); int i, next_len = node->next.size();
char c = hostname[offset]; char c = hostname[offset];
CertNode *cn = nullptr; CertNode *cn = nullptr;
@ -1132,19 +1132,20 @@ void cert_lookup_tree_add_cert(CertNode *node, SSL_CTX *ssl_ctx, char *hostname,
} }
} // namespace } // namespace
void CertLookupTree::add_cert(SSL_CTX *ssl_ctx, const char *hostname, void CertLookupTree::add_cert(SSL_CTX *ssl_ctx, const StringRef &hostname) {
size_t len) { if (hostname.empty()) {
if (len == 0) {
return; return;
} }
// Copy hostname including terminal NULL // Copy hostname including terminal NULL
hosts_.push_back(make_unique<char[]>(len + 1)); auto host_copy = make_unique<char[]>(hostname.size() + 1);
const auto &host_copy = hosts_.back(); std::copy(std::begin(hostname), std::end(hostname), host_copy.get());
for (size_t i = 0; i < len; ++i) { host_copy[hostname.size()] = '\0';
host_copy[i] = util::lowcase(hostname[i]); util::inp_strlower(&host_copy[0], &host_copy[0] + hostname.size());
}
host_copy[len] = '\0'; cert_lookup_tree_add_cert(&root_, ssl_ctx, host_copy.get(), hostname.size(),
cert_lookup_tree_add_cert(&root_, ssl_ctx, host_copy.get(), len, len - 1); hostname.size() - 1);
hosts_.push_back(std::move(host_copy));
} }
namespace { namespace {
@ -1234,7 +1235,7 @@ int cert_lookup_tree_add_cert_from_file(CertLookupTree *lt, SSL_CTX *ssl_ctx,
continue; continue;
} }
lt->add_cert(ssl_ctx, name, len); lt->add_cert(ssl_ctx, StringRef{name, static_cast<size_t>(len)});
} }
} }
@ -1243,7 +1244,7 @@ int cert_lookup_tree_add_cert_from_file(CertLookupTree *lt, SSL_CTX *ssl_ctx,
return 0; return 0;
} }
lt->add_cert(ssl_ctx, cn.c_str(), cn.size()); lt->add_cert(ssl_ctx, cn);
OPENSSL_free(const_cast<char *>(cn.c_str())); OPENSSL_free(const_cast<char *>(cn.c_str()));
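Review bot: In `CertLookupTree::add_cert`, the new code passes `host_copy.get()` to `cert_lookup_tree_add_cert` before the buffer is moved into `hosts_`, so if `hosts_.push_back(std::move(host_copy))` throws on reallocation the buffer is freed while the nodes just inserted presumably still point into it (`CertNode::str` and `WildcardCert::hostname` are raw pointers). The old code stored the buffer first; keeping that order closes the window: `hosts_.push_back(std::move(host_copy));` then `cert_lookup_tree_add_cert(&root_, ssl_ctx, hosts_.back().get(), hostname.size(), hostname.size() - 1);`. Separately, `hostname.size() - 1` is narrowed to the `int offset` parameter, and `static_cast<size_t>(len)` in `cert_lookup_tree_add_cert_from_file` is only safe if `len` is known to be non-negative. The check before the visible `continue;` lies outside the hunk, so that is worth confirming, since these names come from certificate contents.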


@ -117,7 +117,7 @@ void get_altnames(X509 *cert, std::vector<std::string> &dns_names,
struct WildcardCert { struct WildcardCert {
SSL_CTX *ssl_ctx; SSL_CTX *ssl_ctx;
char *hostname; const char *hostname;
size_t hostnamelen; size_t hostnamelen;
}; };
@ -129,7 +129,7 @@ struct CertNode {
std::vector<std::unique_ptr<CertNode>> next; std::vector<std::unique_ptr<CertNode>> next;
// SSL_CTX for exact match // SSL_CTX for exact match
SSL_CTX *ssl_ctx; SSL_CTX *ssl_ctx;
char *str; const char *str;
// [first, last) in the reverse direction in str, first >= // [first, last) in the reverse direction in str, first >=
// last. This indices only work for str member. // last. This indices only work for str member.
int first, last; int first, last;
@ -139,9 +139,9 @@ class CertLookupTree {
public: public:
CertLookupTree(); CertLookupTree();
// Adds |ssl_ctx| with hostname pattern |hostname| with length |len| // Adds |ssl_ctx| with hostname pattern |hostname| to the lookup
// to the lookup tree. The |hostname| must be NULL-terminated. // tree.
void add_cert(SSL_CTX *ssl_ctx, const char *hostname, size_t len); void add_cert(SSL_CTX *ssl_ctx, const StringRef &hostname);
// Looks up SSL_CTX using the given |hostname|. If more than one // Looks up SSL_CTX using the given |hostname|. If more than one
// SSL_CTX which matches the query, it is undefined which one is // SSL_CTX which matches the query, it is undefined which one is
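Review bot: The retyped `const char *` members `WildcardCert::hostname` and `CertNode::str` do not say who owns the bytes they point to; judging by the `add_cert` change they appear to point into the lowercased copies kept in `hosts_`, so their validity depends on the tree outliving every node. A comment on both, such as `// Non-owning; points into a hostname copy owned by CertLookupTree`, would make that lifetime dependency explicit. The `add_cert` comment dropped the NULL-termination requirement, so it could also state that |hostname| is copied and lowercased, that the caller need not keep it alive, and that an empty |hostname| is ignored. The struct and class bodies continue outside the visible hunks.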


@ -56,7 +56,7 @@ void test_shrpx_ssl_create_lookup_tree(void) {
StringRef::from_lit("oo.bar")}; StringRef::from_lit("oo.bar")};
auto num = array_size(ctxs); auto num = array_size(ctxs);
for (size_t i = 0; i < num; ++i) { for (size_t i = 0; i < num; ++i) {
tree->add_cert(ctxs[i], hostnames[i].c_str(), hostnames[i].size()); tree->add_cert(ctxs[i], hostnames[i]);
} }
CU_ASSERT(ctxs[0] == tree->lookup(hostnames[0])); CU_ASSERT(ctxs[0] == tree->lookup(hostnames[0]));
@ -92,7 +92,7 @@ void test_shrpx_ssl_create_lookup_tree(void) {
tree = make_unique<ssl::CertLookupTree>(); tree = make_unique<ssl::CertLookupTree>();
for (size_t i = 0; i < num; ++i) { for (size_t i = 0; i < num; ++i) {
tree->add_cert(ctxs2[i], names[i].c_str(), names[i].size()); tree->add_cert(ctxs2[i], names[i]);
} }
for (size_t i = 0; i < num; ++i) { for (size_t i = 0; i < num; ++i) {
CU_ASSERT(ctxs2[i] == tree->lookup(names[i])); CU_ASSERT(ctxs2[i] == tree->lookup(names[i]));