walkero
/
nghttp2
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

nghttpx: Use ImmutableString for cert_file

This commit is contained in:
Tatsuhiro Tsujikawa 2016-02-14 21:17:25 +09:00
parent c999987baf
commit ac81003669
4 changed files with 9 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/shrpx.cc
View File

@ -2085,7 +2085,7 @@ void process_options(
} }
if (!upstreamconf.no_tls && if (!upstreamconf.no_tls &&
(tlsconf.private_key_file.empty() || !tlsconf.cert_file)) { (tlsconf.private_key_file.empty() || tlsconf.cert_file.empty())) {
print_usage(std::cerr); print_usage(std::cerr);
LOG(FATAL) << "Too few arguments"; LOG(FATAL) << "Too few arguments";
exit(EXIT_FAILURE); exit(EXIT_FAILURE);

4
src/shrpx_config.cc
View File

@ -1759,7 +1759,7 @@ int parse_config(const char *opt, const char *optarg,
return 0; return 0;
} }
case SHRPX_OPTID_CERTIFICATE_FILE: case SHRPX_OPTID_CERTIFICATE_FILE:
mod_config()->tls.cert_file = strcopy(optarg); mod_config()->tls.cert_file = optarg;
return 0; return 0;
case SHRPX_OPTID_DH_PARAM_FILE: case SHRPX_OPTID_DH_PARAM_FILE:
@ -1915,7 +1915,7 @@ int parse_config(const char *opt, const char *optarg,
return 0; return 0;
case SHRPX_OPTID_CLIENT_CERT_FILE: case SHRPX_OPTID_CLIENT_CERT_FILE:
mod_config()->tls.client.cert_file = strcopy(optarg); mod_config()->tls.client.cert_file = optarg;
return 0; return 0;
case SHRPX_OPTID_FRONTEND_HTTP2_DUMP_REQUEST_HEADER: case SHRPX_OPTID_FRONTEND_HTTP2_DUMP_REQUEST_HEADER:

4
src/shrpx_config.h
View File

@ -409,7 +409,7 @@ struct TLSConfig {
// Client private key and certificate used in backend connections. // Client private key and certificate used in backend connections.
struct { struct {
ImmutableString private_key_file; ImmutableString private_key_file;
std::unique_ptr<char[]> cert_file; ImmutableString cert_file;
} client; } client;
// The list of (private key file, certificate file) pair // The list of (private key file, certificate file) pair
@ -428,7 +428,7 @@ struct TLSConfig {
std::chrono::seconds session_timeout; std::chrono::seconds session_timeout;
ImmutableString private_key_file; ImmutableString private_key_file;
std::unique_ptr<char[]> private_key_passwd; std::unique_ptr<char[]> private_key_passwd;
std::unique_ptr<char[]> cert_file; ImmutableString cert_file;
std::unique_ptr<char[]> dh_param_file; std::unique_ptr<char[]> dh_param_file;
std::unique_ptr<char[]> ciphers; std::unique_ptr<char[]> ciphers;
ImmutableString cacert; ImmutableString cacert;

9
src/shrpx_ssl.cc
View File

@ -1246,7 +1246,7 @@ SSL_CTX *setup_server_ssl_context(std::vector<SSL_CTX *> &all_ssl_ctx,
auto &tlsconf = get_config()->tls; auto &tlsconf = get_config()->tls;
auto ssl_ctx = ssl::create_ssl_context(tlsconf.private_key_file.c_str(), auto ssl_ctx = ssl::create_ssl_context(tlsconf.private_key_file.c_str(),
tlsconf.cert_file.get() tlsconf.cert_file.c_str()
#ifdef HAVE_NEVERBLEED #ifdef HAVE_NEVERBLEED
, ,
nb nb
@ -1281,8 +1281,8 @@ SSL_CTX *setup_server_ssl_context(std::vector<SSL_CTX *> &all_ssl_ctx,
} }
} }
if (ssl::cert_lookup_tree_add_cert_from_file(cert_tree, ssl_ctx, if (ssl::cert_lookup_tree_add_cert_from_file(
tlsconf.cert_file.get()) == -1) { cert_tree, ssl_ctx, tlsconf.cert_file.c_str()) == -1) {
LOG(FATAL) << "Failed to add default certificate."; LOG(FATAL) << "Failed to add default certificate.";
DIE(); DIE();
} }
@ -1323,8 +1323,7 @@ SSL_CTX *setup_downstream_client_ssl_context(
#ifdef HAVE_NEVERBLEED #ifdef HAVE_NEVERBLEED
nb, nb,
#endif // HAVE_NEVERBLEED #endif // HAVE_NEVERBLEED
StringRef{tlsconf.cacert}, StringRef{tlsconf.cacert}, StringRef{tlsconf.client.cert_file},
StringRef::from_maybe_nullptr(tlsconf.client.cert_file.get()),
StringRef{tlsconf.client.private_key_file}, alpn, next_proto_select_cb); StringRef{tlsconf.client.private_key_file}, alpn, next_proto_select_cb);
} }