RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-01-18 19:50:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

MINOR: merge ssl_sock_get calls for log and ppv2

Browse Source 
Merge ssl_sock_get_version and ssl_sock_get_proto_version.
Change ssl_sock_get_cipher to be used in ppv2.
This commit is contained in:
Emmanuel Hocdet 2017-10-13 16:59:49 +02:00 committed by Willy Tarreau
parent 58118b43b1
commit 01da571e21
4 changed files with 10 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/proto/ssl_sock.h
View File

@ -52,7 +52,6 @@ int ssl_sock_load_ca(struct bind_conf *bind_conf);
void ssl_sock_free_ca(struct bind_conf *bind_conf);
const char *ssl_sock_get_cipher_name(struct connection *conn);
const char *ssl_sock_get_proto_version(struct connection *conn);
char *ssl_sock_get_version(struct connection *conn);
void ssl_sock_set_servername(struct connection *conn, const char *hostname);
int ssl_sock_get_cert_used_sess(struct connection *conn);
int ssl_sock_get_cert_used_conn(struct connection *conn);

4
src/connection.c
View File

@ -980,7 +980,7 @@ int make_proxy_line_v2(char *buf, int buf_len, struct server *srv, struct connec
struct sockaddr_storage *dst = &null_addr;
#ifdef USE_OPENSSL
char *value = NULL;
const char *value = NULL;
struct tlv_ssl *tlv;
int ssl_tlv_len = 0;
struct chunk *cn_trash;
@ -1035,7 +1035,7 @@ int make_proxy_line_v2(char *buf, int buf_len, struct server *srv, struct connec
tlv->tlv.type = PP2_TYPE_SSL;
if (ssl_sock_is_ssl(remote)) {
tlv->client |= PP2_CLIENT_SSL;
value = ssl_sock_get_version(remote);
value = ssl_sock_get_proto_version(remote);
if (value) {
ssl_tlv_len += make_tlv(&buf[ret+ssl_tlv_len], (buf_len-ret-ssl_tlv_len), PP2_SUBTYPE_SSL_VERSION, strlen(value), value);
}

6
src/log.c
View File

@ -1667,8 +1667,7 @@ int build_logline(struct stream *s, char *dst, size_t maxsize, struct list *list
src = NULL;
conn = objt_conn(sess->origin);
if (conn) {
if (sess->listener->bind_conf->xprt == xprt_get(XPRT_SSL))
src = ssl_sock_get_cipher_name(conn);
src = ssl_sock_get_cipher_name(conn);
}
ret = lf_text(tmplog, src, dst + maxsize - tmplog, tmp);
if (ret == NULL)
@ -1681,8 +1680,7 @@ int build_logline(struct stream *s, char *dst, size_t maxsize, struct list *list
src = NULL;
conn = objt_conn(sess->origin);
if (conn) {
if (sess->listener->bind_conf->xprt == xprt_get(XPRT_SSL))
src = ssl_sock_get_proto_version(conn);
src = ssl_sock_get_proto_version(conn);
}
ret = lf_text(tmplog, src, dst + maxsize - tmplog, tmp);
if (ret == NULL)

18
src/ssl_sock.c
View File

@ -5296,19 +5296,21 @@ static void ssl_sock_shutw(struct connection *conn, int clean)
}
}
/* used for logging, may be changed for a sample fetch later */
/* used for logging/ppv2, may be changed for a sample fetch later */
const char *ssl_sock_get_cipher_name(struct connection *conn)
{
if (!conn->xprt && !conn->xprt_ctx)
if (!ssl_sock_is_ssl(conn))
return NULL;
return SSL_get_cipher_name(conn->xprt_ctx);
}
/* used for logging, may be changed for a sample fetch later */
/* used for logging/ppv2, may be changed for a sample fetch later */
const char *ssl_sock_get_proto_version(struct connection *conn)
{
if (!conn->xprt && !conn->xprt_ctx)
if (!ssl_sock_is_ssl(conn))
return NULL;
return SSL_get_version(conn->xprt_ctx);
}
@ -5510,14 +5512,6 @@ ssl_sock_get_dn_oneline(X509_NAME *a, struct chunk *out)
return 1;
}
char *ssl_sock_get_version(struct connection *conn)
{
if (!ssl_sock_is_ssl(conn))
return NULL;
return (char *)SSL_get_version(conn->xprt_ctx);
}
/* Sets advertised SNI for outgoing connections. Please set <hostname> to NULL
* to disable SNI.
*/