MINOR: ssl: load sctl from buf OR from a file
The ssl_sock_load_sctl_from_file() function was modified to directly fill a struct cert_key_and_chain. The function prototype was normalized so that it can be used with the CLI payload parser. This function either reads text from a buffer or reads a file from the filesystem. It fills the ocsp_response buffer of the struct cert_key_and_chain.
parent
3b5f360744
commit
0dfae6c315
|
@ -1386,44 +1386,57 @@ static int ssl_sock_parse_sctl(struct buffer *sctl)
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ssl_sock_load_sctl_from_file(const char *sctl_path,
|
/* Try to load a sctl from a buffer <buf> if not NULL, or read the file <sctl_path>
|
||||||
struct buffer **sctl)
|
* It fills the ckch->sctl buffer
|
||||||
|
* return 0 on success or != 0 on failure */
|
||||||
|
static int ssl_sock_load_sctl_from_file(const char *sctl_path, char *buf, struct cert_key_and_chain *ckch, char **err)
|
||||||
{
|
{
|
||||||
int fd = -1;
|
int fd = -1;
|
||||||
int r = 0;
|
int r = 0;
|
||||||
int ret = 1;
|
int ret = 1;
|
||||||
|
struct buffer tmp;
|
||||||
|
struct buffer *src;
|
||||||
|
struct buffer *sctl;
|
||||||
|
|
||||||
*sctl = NULL;
|
if (buf) {
|
||||||
|
tmp.area = buf;
|
||||||
fd = open(sctl_path, O_RDONLY);
|
tmp.data = strlen(buf);
|
||||||
if (fd == -1)
|
tmp.size = tmp.data + 1;
|
||||||
goto end;
|
src = &tmp;
|
||||||
|
} else {
|
||||||
trash.data = 0;
|
fd = open(sctl_path, O_RDONLY);
|
||||||
while (trash.data < trash.size) {
|
if (fd == -1)
|
||||||
r = read(fd, trash.area + trash.data, trash.size - trash.data);
|
|
||||||
if (r < 0) {
|
|
||||||
if (errno == EINTR)
|
|
||||||
continue;
|
|
||||||
|
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
|
trash.data = 0;
|
||||||
|
while (trash.data < trash.size) {
|
||||||
|
r = read(fd, trash.area + trash.data, trash.size - trash.data);
|
||||||
|
if (r < 0) {
|
||||||
|
if (errno == EINTR)
|
||||||
|
continue;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
else if (r == 0) {
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
trash.data += r;
|
||||||
}
|
}
|
||||||
else if (r == 0) {
|
src = &trash;
|
||||||
break;
|
|
||||||
}
|
|
||||||
trash.data += r;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = ssl_sock_parse_sctl(&trash);
|
ret = ssl_sock_parse_sctl(src);
|
||||||
if (ret)
|
if (ret)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
*sctl = calloc(1, sizeof(**sctl));
|
sctl = calloc(1, sizeof(*sctl));
|
||||||
if (!chunk_dup(*sctl, &trash)) {
|
if (!chunk_dup(sctl, src)) {
|
||||||
free(*sctl);
|
free(sctl);
|
||||||
*sctl = NULL;
|
sctl = NULL;
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
ret = 0;
|
||||||
|
/* TODO: free the previous SCTL in the ckch */
|
||||||
|
ckch->sctl = sctl;
|
||||||
|
|
||||||
end:
|
end:
|
||||||
if (fd != -1)
|
if (fd != -1)
|
||||||
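Review bot: The `chunk_dup()` failure branch jumps to `end` with `ret` still 0 from the successful `ssl_sock_parse_sctl(src)` call, so an allocation failure is reported as success while `ckch->sctl` is never set; add `ret = 1;` before that `goto end;`. The result of `calloc(1, sizeof(*sctl))` is also passed on unchecked, which is only safe if `chunk_dup()` rejects a NULL destination (not visible in this hunk). In the `buf` branch, `tmp.data = strlen(buf)` stops at the first zero byte, so a raw TLS-encoded SCT list would be truncated before it is parsed; if the CLI payload can carry binary data the length should be passed in explicitly, otherwise a comment such as `/* <buf> must be NUL-terminated text */` would document the assumption. The function body continues past the end of this hunk (the cleanup after `end:`).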
|
@ -3035,7 +3048,7 @@ static int ssl_sock_load_crt_file_into_ckch(const char *path, BIO *buf, struct c
|
||||||
|
|
||||||
snprintf(fp, MAXPATHLEN+1, "%s.sctl", path);
|
snprintf(fp, MAXPATHLEN+1, "%s.sctl", path);
|
||||||
if (stat(fp, &st) == 0) {
|
if (stat(fp, &st) == 0) {
|
||||||
if (ssl_sock_load_sctl_from_file(fp, &ckch->sctl)) {
|
if (ssl_sock_load_sctl_from_file(fp, NULL, ckch, err)) {
|
||||||
memprintf(err, "%s '%s.sctl' is present but cannot be read or parsed'.\n",
|
memprintf(err, "%s '%s.sctl' is present but cannot be read or parsed'.\n",
|
||||||
*err ? *err : "", fp);
|
*err ? *err : "", fp);
|
||||||
ret = 1;
|
ret = 1;
|
||||||
|
|