From cfca1422c7de05e34b72d2d57bc057b215aa9f8f Mon Sep 17 00:00:00 2001
From: William Lallemand
Date: Thu, 5 Mar 2020 10:17:47 +0100
Subject: [PATCH] MINOR: ssl: reach a ckch_store from a sni_ctx
It was only possible to go down from the ckch_store to the sni_ctx but not to go up from the sni_ctx to the ckch_store. To allow that, 2 pointers were added:
- a ckch_inst pointer in the struct sni_ctx
- a ckckh_store pointer in the struct ckch_inst
---
 include/types/ssl_sock.h | 2 ++
 src/ssl_sock.c | 3 +++
 2 files changed, 5 insertions(+)
diff --git a/include/types/ssl_sock.h b/include/types/ssl_sock.h
index bb64e4972..9155b6d34 100644
--- a/include/types/ssl_sock.h
+++ b/include/types/ssl_sock.h
@@ -42,6 +42,7 @@ struct sni_ctx {
 struct pkey_info kinfo; /* pkey info */
 struct ssl_bind_conf *conf; /* ssl "bind" conf for the certificate */
 struct list by_ckch_inst; /* chained in ckch_inst's list of sni_ctx */
+ struct ckch_inst *ckch_inst; /* instance used to create this sni_ctx */
 struct ebmb_node name; /* node holding the servername value */
 };
@@ -126,6 +127,7 @@ struct ckch_store {
 struct ckch_inst {
 struct bind_conf *bind_conf; /* pointer to the bind_conf that uses this ckch_inst */
 struct ssl_bind_conf *ssl_conf; /* pointer to the ssl_conf which is used by every sni_ctx of this inst */
+ struct ckch_store *ckch_store; /* pointer to the store used to generate this inst */
 int is_default; /* This instance is used as the default ctx for this bind_conf */
 struct list sni_ctx; /* list of sni_ctx using this ckch_inst */
 struct list by_ckchs; /* chained in ckch_store's list of ckch_inst */
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 86894cb44..df15b77c1 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -2949,6 +2949,7 @@ static int ckch_inst_add_cert_sni(SSL_CTX *ctx, struct ckch_inst *ckch_inst,
 sc->neg = neg;
 sc->wild = wild;
 sc->name.node.leaf_p = NULL;
+ sc->ckch_inst = ckch_inst;
 LIST_ADDQ(&ckch_inst->sni_ctx, &sc->by_ckch_inst);
 }
 return order;
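Review bot: The new `ckch_inst` back-pointer in `struct sni_ctx` (and the `ckch_store` one added to `struct ckch_inst` in the next hunk) is a raw, non-owning pointer, and neither field comment says what keeps its target alive. These structures hold TLS certificate contexts, so a sni_ctx or ckch_inst that outlives the object it points back to would turn any later upward walk into a use-after-free; the hunks do not show how the objects are released, so this may already be guaranteed elsewhere. I would state the invariant in the field comments, e.g. `/* instance used to create this sni_ctx; not owned, valid while linked in by_ckch_inst */` and `/* store used to generate this inst; not owned, valid while linked in by_ckchs */`.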
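Review bot: `sc->ckch_inst` is assigned here field by field next to `sc->neg`, `sc->wild` and the explicit `sc->name.node.leaf_p = NULL`, which suggests the sni_ctx is not zero-initialised when it is allocated (the allocation is outside the hunk, so this is inferred). If that is the case, any other place that builds a `struct sni_ctx` leaves the new pointer indeterminate, and code that walks up through it would dereference garbage. It is worth checking the other allocation sites, or zeroing the structure at allocation so that an unset back-pointer is reliably NULL and can be tested. The enclosing function starts and ends outside the hunk.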
@@ -4186,6 +4187,7 @@ static int ckch_inst_new_load_multi_store(const char *path, struct ckch_store *c
 ckch_inst->bind_conf = bind_conf;
 ckch_inst->ssl_conf = ssl_conf;
+ ckch_inst->ckch_store = ckchs;
 end:
 if (names)
@@ -4374,6 +4376,7 @@ static int ckch_inst_new_load_store(const char *path, struct ckch_store *ckchs,
 /* everything succeed, the ckch instance can be used */
 ckch_inst->bind_conf = bind_conf;
 ckch_inst->ssl_conf = ssl_conf;
+ ckch_inst->ckch_store = ckchs;
 *ckchi = ckch_inst;
 return errcode;
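Review bot: `ckch_inst->ckch_store = ckchs;` is set only on the success path just before `end:` (and likewise at the "everything succeed" point of `ckch_inst_new_load_store` in the next hunk), which is presumably after the sni_ctx entries have already been attached to the instance. Until that line runs, `sni_ctx->ckch_inst->ckch_store` is unset, so an upward walk from a sni_ctx during construction, or from cleanup code reached through `end:`, would not find the store. Moving the assignment to directly after the instance is allocated would keep the back-pointer valid for the object's whole lifetime; the allocation is outside both hunks, so the move is described rather than quoted. Both functions begin outside their hunks.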