nghttpx: Use ImmutableString for tls.cacert

src/shrpx_config.cc

@@ -1816,7 +1816,7 @@ int parse_config(const char *opt, const char *optarg,
 
     return 0;
   case SHRPX_OPTID_CACERT:
-    mod_config()->tls.cacert = strcopy(optarg);
+    mod_config()->tls.cacert = optarg;
 
     return 0;
   case SHRPX_OPTID_BACKEND_IPV4:

src/shrpx_config.h

@@ -431,7 +431,7 @@ struct TLSConfig {
   std::unique_ptr<char[]> cert_file;
   std::unique_ptr<char[]> dh_param_file;
   std::unique_ptr<char[]> ciphers;
-  std::unique_ptr<char[]> cacert;
+  ImmutableString cacert;
   bool insecure;
   bool no_http2_cipher_black_list;
 };

src/shrpx_connection_handler.cc

@@ -202,9 +202,8 @@ int ConnectionHandler::create_single_worker() {
 #ifdef HAVE_NEVERBLEED
         nb_.get(),
 #endif // HAVE_NEVERBLEED
-        StringRef::from_maybe_nullptr(tlsconf.cacert.get()),
+        StringRef{tlsconf.cacert}, StringRef{memcachedconf.cert_file},
-        StringRef(memcachedconf.cert_file),
+        StringRef{memcachedconf.private_key_file}, StringRef(), nullptr);
-        StringRef(memcachedconf.private_key_file), StringRef(), nullptr);
     all_ssl_ctx_.push_back(session_cache_ssl_ctx);
   }
 
@@ -253,9 +252,8 @@ int ConnectionHandler::create_worker_thread(size_t num) {
 #ifdef HAVE_NEVERBLEED
           nb_.get(),
 #endif // HAVE_NEVERBLEED
-          StringRef::from_maybe_nullptr(tlsconf.cacert.get()),
+          StringRef{tlsconf.cacert}, StringRef{memcachedconf.cert_file},
-          StringRef(memcachedconf.cert_file),
+          StringRef{memcachedconf.private_key_file}, StringRef{}, nullptr);
-          StringRef(memcachedconf.private_key_file), StringRef(), nullptr);
       all_ssl_ctx_.push_back(session_cache_ssl_ctx);
     }
     auto worker =
@@ -768,9 +766,8 @@ SSL_CTX *ConnectionHandler::create_tls_ticket_key_memcached_ssl_ctx() {
 #ifdef HAVE_NEVERBLEED
       nb_.get(),
 #endif // HAVE_NEVERBLEED
-      StringRef::from_maybe_nullptr(tlsconf.cacert.get()),
+      StringRef{tlsconf.cacert}, StringRef{memcachedconf.cert_file},
-      StringRef(memcachedconf.cert_file),
+      StringRef{memcachedconf.private_key_file}, StringRef{}, nullptr);
-      StringRef(memcachedconf.private_key_file), StringRef(), nullptr);
 
   all_ssl_ctx_.push_back(ssl_ctx);
 

src/shrpx_ssl.cc

@@ -1323,7 +1323,7 @@ SSL_CTX *setup_downstream_client_ssl_context(
 #ifdef HAVE_NEVERBLEED
       nb,
 #endif // HAVE_NEVERBLEED
-      StringRef::from_maybe_nullptr(tlsconf.cacert.get()),
+      StringRef{tlsconf.cacert},
       StringRef::from_maybe_nullptr(tlsconf.client.cert_file.get()),
       StringRef::from_maybe_nullptr(tlsconf.client.private_key_file.get()),
       alpn, next_proto_select_cb);