nghttpx: Use ImmutableString for cert_file

2016-02-14 21:17:25 +09:00 · 2016-02-14 21:17:25 +09:00 · ac81003669
parent c999987baf
commit ac81003669
4 changed files with 9 additions and 10 deletions
--- a/src/shrpx.cc
+++ b/src/shrpx.cc
@ -2085,7 +2085,7 @@ void process_options(
  }

  if (!upstreamconf.no_tls &&
-      (tlsconf.private_key_file.empty() || !tlsconf.cert_file)) {
+      (tlsconf.private_key_file.empty() || tlsconf.cert_file.empty())) {
    print_usage(std::cerr);
    LOG(FATAL) << "Too few arguments";
    exit(EXIT_FAILURE);
--- a/src/shrpx_config.cc
+++ b/src/shrpx_config.cc
@ -1759,7 +1759,7 @@ int parse_config(const char *opt, const char *optarg,
    return 0;
  }
  case SHRPX_OPTID_CERTIFICATE_FILE:
-    mod_config()->tls.cert_file = strcopy(optarg);
+    mod_config()->tls.cert_file = optarg;

    return 0;
  case SHRPX_OPTID_DH_PARAM_FILE:
@ -1915,7 +1915,7 @@ int parse_config(const char *opt, const char *optarg,

    return 0;
  case SHRPX_OPTID_CLIENT_CERT_FILE:
-    mod_config()->tls.client.cert_file = strcopy(optarg);
+    mod_config()->tls.client.cert_file = optarg;

    return 0;
  case SHRPX_OPTID_FRONTEND_HTTP2_DUMP_REQUEST_HEADER:
--- a/src/shrpx_config.h
+++ b/src/shrpx_config.h
@ -409,7 +409,7 @@ struct TLSConfig {
  // Client private key and certificate used in backend connections.
  struct {
    ImmutableString private_key_file;
-    std::unique_ptr<char[]> cert_file;
+    ImmutableString cert_file;
  } client;

  // The list of (private key file, certificate file) pair
@ -428,7 +428,7 @@ struct TLSConfig {
  std::chrono::seconds session_timeout;
  ImmutableString private_key_file;
  std::unique_ptr<char[]> private_key_passwd;
-  std::unique_ptr<char[]> cert_file;
+  ImmutableString cert_file;
  std::unique_ptr<char[]> dh_param_file;
  std::unique_ptr<char[]> ciphers;
  ImmutableString cacert;
--- a/src/shrpx_ssl.cc
+++ b/src/shrpx_ssl.cc
@ -1246,7 +1246,7 @@ SSL_CTX *setup_server_ssl_context(std::vector<SSL_CTX *> &all_ssl_ctx,
  auto &tlsconf = get_config()->tls;

  auto ssl_ctx = ssl::create_ssl_context(tlsconf.private_key_file.c_str(),
-                                         tlsconf.cert_file.get()
+                                         tlsconf.cert_file.c_str()
 #ifdef HAVE_NEVERBLEED
                                             ,
                                         nb
@ -1281,8 +1281,8 @@ SSL_CTX *setup_server_ssl_context(std::vector<SSL_CTX *> &all_ssl_ctx,
    }
  }

-  if (ssl::cert_lookup_tree_add_cert_from_file(cert_tree, ssl_ctx,
-                                               tlsconf.cert_file.get()) == -1) {
+  if (ssl::cert_lookup_tree_add_cert_from_file(
+          cert_tree, ssl_ctx, tlsconf.cert_file.c_str()) == -1) {
    LOG(FATAL) << "Failed to add default certificate.";
    DIE();
  }
@ -1323,8 +1323,7 @@ SSL_CTX *setup_downstream_client_ssl_context(
 #ifdef HAVE_NEVERBLEED
      nb,
 #endif // HAVE_NEVERBLEED
-      StringRef{tlsconf.cacert},
-      StringRef::from_maybe_nullptr(tlsconf.client.cert_file.get()),
+      StringRef{tlsconf.cacert}, StringRef{tlsconf.client.cert_file},
      StringRef{tlsconf.client.private_key_file}, alpn, next_proto_select_cb);
 }