walkero
/
nghttp2
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

nghttpx: Use ImmutableString for fetch_ocsp_response_file

This commit is contained in:
Tatsuhiro Tsujikawa 2016-02-14 21:01:54 +09:00
parent bfc26e8299
commit 660bc389e6
4 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/shrpx.cc
View File

@ -1067,8 +1067,7 @@ void fill_default_config() {
auto &ocspconf = tlsconf.ocsp; auto &ocspconf = tlsconf.ocsp;
// ocsp update interval = 14400 secs = 4 hours, borrowed from h2o // ocsp update interval = 14400 secs = 4 hours, borrowed from h2o
ocspconf.update_interval = 4_h; ocspconf.update_interval = 4_h;
ocspconf.fetch_ocsp_response_file = ocspconf.fetch_ocsp_response_file = PKGDATADIR "/fetch-ocsp-response";
strcopy(PKGDATADIR "/fetch-ocsp-response");
} }
{ {
@ -1579,8 +1578,8 @@ SSL/TLS:
--fetch-ocsp-response-file=<PATH> --fetch-ocsp-response-file=<PATH>
Path to fetch-ocsp-response script file. It should be Path to fetch-ocsp-response script file. It should be
absolute path. absolute path.
Default: )" Default: )" << get_config()->tls.ocsp.fetch_ocsp_response_file
<< get_config()->tls.ocsp.fetch_ocsp_response_file.get() << R"( << R"(
--ocsp-update-interval=<DURATION> --ocsp-update-interval=<DURATION>
Set interval to update OCSP response cache. Set interval to update OCSP response cache.
Default: )" Default: )"
@ -2094,10 +2093,10 @@ void process_options(
if (!upstreamconf.no_tls && !tlsconf.ocsp.disabled) { if (!upstreamconf.no_tls && !tlsconf.ocsp.disabled) {
struct stat buf; struct stat buf;
if (stat(tlsconf.ocsp.fetch_ocsp_response_file.get(), &buf) != 0) { if (stat(tlsconf.ocsp.fetch_ocsp_response_file.c_str(), &buf) != 0) {
tlsconf.ocsp.disabled = true; tlsconf.ocsp.disabled = true;
LOG(WARN) << "--fetch-ocsp-response-file: " LOG(WARN) << "--fetch-ocsp-response-file: "
<< tlsconf.ocsp.fetch_ocsp_response_file.get() << tlsconf.ocsp.fetch_ocsp_response_file
<< " not found. OCSP stapling has been disabled."; << " not found. OCSP stapling has been disabled.";
} }
} }

2
src/shrpx_config.cc
View File

@ -2086,7 +2086,7 @@ int parse_config(const char *opt, const char *optarg,
return parse_uint(&mod_config()->http2.downstream.connections_per_worker, return parse_uint(&mod_config()->http2.downstream.connections_per_worker,
opt, optarg); opt, optarg);
case SHRPX_OPTID_FETCH_OCSP_RESPONSE_FILE: case SHRPX_OPTID_FETCH_OCSP_RESPONSE_FILE:
mod_config()->tls.ocsp.fetch_ocsp_response_file = strcopy(optarg); mod_config()->tls.ocsp.fetch_ocsp_response_file = optarg;
return 0; return 0;
case SHRPX_OPTID_OCSP_UPDATE_INTERVAL: case SHRPX_OPTID_OCSP_UPDATE_INTERVAL:

2
src/shrpx_config.h
View File

@ -394,7 +394,7 @@ struct TLSConfig {
// OCSP realted configurations // OCSP realted configurations
struct { struct {
ev_tstamp update_interval; ev_tstamp update_interval;
std::unique_ptr<char[]> fetch_ocsp_response_file; ImmutableString fetch_ocsp_response_file;
bool disabled; bool disabled;
} ocsp; } ocsp;

3
src/shrpx_connection_handler.cc
View File

@ -463,7 +463,8 @@ int ConnectionHandler::start_ocsp_update(const char *cert_file) {
assert(!ev_is_active(&ocsp_.chldev)); assert(!ev_is_active(&ocsp_.chldev));
char *const argv[] = { char *const argv[] = {
const_cast<char *>(get_config()->tls.ocsp.fetch_ocsp_response_file.get()), const_cast<char *>(
get_config()->tls.ocsp.fetch_ocsp_response_file.c_str()),
const_cast<char *>(cert_file), nullptr}; const_cast<char *>(cert_file), nullptr};
char *const envp[] = {nullptr}; char *const envp[] = {nullptr};