TS-1147: Remove proxy.config.ssl.server.cert.filename
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/c426f4a7 Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/c426f4a7 Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/c426f4a7 Branch: refs/heads/master Commit: c426f4a7e91ce1bde2dfc475b82fc0203ff69d92 Parents: 47255d3 Author: James Peach <[email protected]> Authored: Fri Mar 30 22:24:14 2012 -0700 Committer: James Peach <[email protected]> Committed: Fri Apr 6 21:20:00 2012 -0700 ---------------------------------------------------------------------- iocore/net/P_SSLConfig.h | 1 - iocore/net/SSLConfig.cc | 14 +++++--------- proxy/config/records.config.default.in | 8 ++------ 3 files changed, 7 insertions(+), 16 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c426f4a7/iocore/net/P_SSLConfig.h ---------------------------------------------------------------------- diff --git a/iocore/net/P_SSLConfig.h b/iocore/net/P_SSLConfig.h index f105388..8154a3d 100644 --- a/iocore/net/P_SSLConfig.h +++ b/iocore/net/P_SSLConfig.h @@ -70,7 +70,6 @@ private: void initialize(); void cleanup(); - char *serverCertPath; char *serverCertPathOnly; char *serverCertChainPath; char *serverKeyPath; http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c426f4a7/iocore/net/SSLConfig.cc ---------------------------------------------------------------------- diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc index b0a6e1d..792e039 100644 --- a/iocore/net/SSLConfig.cc +++ b/iocore/net/SSLConfig.cc @@ -47,7 +47,7 @@ SslConfigParams *SslConfig::ssl_config_params; SslConfigParams::SslConfigParams() { - serverCertPath = serverCertPathOnly = + serverCertPathOnly = serverCertChainPath = serverKeyPath = configFilePath = CACertFilename = CACertPath = @@ -71,7 +71,6 @@ SslConfigParams::~SslConfigParams() void SslConfigParams::cleanup() { - ats_free_null(serverCertPath); ats_free_null(serverCertChainPath); ats_free_null(serverKeyPath); ats_free_null(CACertFilename); @@ -108,10 +107,9 @@ set_paths_helper(const char *path, const char *filename, char **final_path, char *final_path = ats_strdup(path); } } - if (filename) { - *final_filename = ats_strdup(Layout::get()->relative_to(path, filename)); - } else { - *final_filename = NULL; + + if (final_filename) { + *final_filename = filename ? ats_strdup(Layout::get()->relative_to(path, filename)) : NULL; } #ifdef _WIN32 @@ -133,7 +131,6 @@ set_paths_helper(const char *path, const char *filename, char **final_path, char void SslConfigParams::initialize() { - char serverCertFilename[PATH_NAME_MAX] = ""; char serverCertRelativePath[PATH_NAME_MAX] = ""; char *ssl_server_private_key_filename = NULL; char *ssl_server_private_key_path = NULL; @@ -174,9 +171,8 @@ SslConfigParams::initialize() ssl_ctx_options |= SSL_OP_NO_COMPRESSION; #endif - IOCORE_ReadConfigString(serverCertFilename, "proxy.config.ssl.server.cert.filename", PATH_NAME_MAX); IOCORE_ReadConfigString(serverCertRelativePath, "proxy.config.ssl.server.cert.path", PATH_NAME_MAX); - set_paths_helper(serverCertRelativePath, serverCertFilename, &serverCertPathOnly, &serverCertPath); + set_paths_helper(serverCertRelativePath, NULL, &serverCertPathOnly, NULL); char *cert_chain = NULL; IOCORE_ReadConfigStringAlloc(cert_chain, "proxy.config.ssl.server.cert_chain.filename"); http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c426f4a7/proxy/config/records.config.default.in ---------------------------------------------------------------------- diff --git a/proxy/config/records.config.default.in b/proxy/config/records.config.default.in index c22faa7..2377895 100644 --- a/proxy/config/records.config.default.in +++ b/proxy/config/records.config.default.in @@ -498,15 +498,11 @@ CONFIG proxy.config.ssl.compression INT 1 # 1 client certificates optional # 2 client certificates required CONFIG proxy.config.ssl.client.certification_level INT 0 - # Server cert filename is the name of the cert file - # for a single cert system and the default cert name - # for a multiple cert system. -CONFIG proxy.config.ssl.server.cert.filename STRING server.pem # Server cert chain filename is the name of the cert chain file # for a single cert system. CONFIG proxy.config.ssl.server.cert_chain.filename STRING NULL - # This is the path that will be used for both single and - # multi cert systems. + # This is the path that SSL certificates files are relative to. Certificate + # names specified in ssl_multicert.config will be located relative to this path. CONFIG proxy.config.ssl.server.cert.path STRING @rel_sysconfdir@ # Fill in private key file and path only if the server's # private key is not contained in the server certificate file.
