TS-1147: Remove proxy.config.ssl.server.private_key.filename
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/a238d135 Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/a238d135 Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/a238d135 Branch: refs/heads/master Commit: a238d13541299d291f8cf1170a5acb411fa0b4f0 Parents: c426f4a Author: James Peach <[email protected]> Authored: Fri Mar 30 22:40:12 2012 -0700 Committer: James Peach <[email protected]> Committed: Fri Apr 6 21:20:05 2012 -0700 ---------------------------------------------------------------------- iocore/net/P_SSLConfig.h | 1 - iocore/net/SSLConfig.cc | 9 ++------- proxy/config/records.config.default.in | 8 +++----- 3 files changed, 5 insertions(+), 13 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/a238d135/iocore/net/P_SSLConfig.h ---------------------------------------------------------------------- diff --git a/iocore/net/P_SSLConfig.h b/iocore/net/P_SSLConfig.h index 8154a3d..630e56e 100644 --- a/iocore/net/P_SSLConfig.h +++ b/iocore/net/P_SSLConfig.h @@ -72,7 +72,6 @@ private: char *serverCertPathOnly; char *serverCertChainPath; - char *serverKeyPath; char *serverKeyPathOnly; char *CACertFilename; char *CACertPath; http://git-wip-us.apache.org/repos/asf/trafficserver/blob/a238d135/iocore/net/SSLConfig.cc ---------------------------------------------------------------------- diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc index 792e039..cfa42f0 100644 --- a/iocore/net/SSLConfig.cc +++ b/iocore/net/SSLConfig.cc @@ -49,7 +49,7 @@ SslConfigParams::SslConfigParams() { serverCertPathOnly = serverCertChainPath = - serverKeyPath = configFilePath = + configFilePath = CACertFilename = CACertPath = clientCertPath = clientKeyPath = clientCACertFilename = clientCACertPath = @@ -72,7 +72,6 @@ void SslConfigParams::cleanup() { ats_free_null(serverCertChainPath); - ats_free_null(serverKeyPath); ats_free_null(CACertFilename); ats_free_null(CACertPath); ats_free_null(clientCertPath); @@ -132,7 +131,6 @@ void SslConfigParams::initialize() { char serverCertRelativePath[PATH_NAME_MAX] = ""; - char *ssl_server_private_key_filename = NULL; char *ssl_server_private_key_path = NULL; char *CACertRelativePath = NULL; char *ssl_client_cert_filename = NULL; @@ -183,13 +181,10 @@ SslConfigParams::initialize() set_paths_helper(Layout::get()->sysconfdir, multicert_config_file, NULL, &configFilePath); ats_free(multicert_config_file); - IOCORE_ReadConfigStringAlloc(ssl_server_private_key_filename, "proxy.config.ssl.server.private_key.filename"); IOCORE_ReadConfigStringAlloc(ssl_server_private_key_path, "proxy.config.ssl.server.private_key.path"); - set_paths_helper(ssl_server_private_key_path, ssl_server_private_key_filename, &serverKeyPathOnly, &serverKeyPath); - ats_free(ssl_server_private_key_filename); + set_paths_helper(ssl_server_private_key_path, NULL, &serverKeyPathOnly, NULL); ats_free(ssl_server_private_key_path); - IOCORE_ReadConfigStringAlloc(CACertFilename, "proxy.config.ssl.CA.cert.filename"); IOCORE_ReadConfigStringAlloc(CACertRelativePath, "proxy.config.ssl.CA.cert.path"); set_paths_helper(CACertRelativePath, CACertFilename, &CACertPath, &CACertFilename); http://git-wip-us.apache.org/repos/asf/trafficserver/blob/a238d135/proxy/config/records.config.default.in ---------------------------------------------------------------------- diff --git a/proxy/config/records.config.default.in b/proxy/config/records.config.default.in index 2377895..732f336 100644 --- a/proxy/config/records.config.default.in +++ b/proxy/config/records.config.default.in @@ -504,11 +504,9 @@ CONFIG proxy.config.ssl.server.cert_chain.filename STRING NULL # This is the path that SSL certificates files are relative to. Certificate # names specified in ssl_multicert.config will be located relative to this path. CONFIG proxy.config.ssl.server.cert.path STRING @rel_sysconfdir@ - # Fill in private key file and path only if the server's - # private key is not contained in the server certificate file. - # For multiple cert systems, if any private key is not contained - # in the cert file, you must fill in the private key path. -CONFIG proxy.config.ssl.server.private_key.filename STRING NULL + # If any private key is not contained in the certificate file, you must + # fill in the private key path. Private key names specified in + # ssl_multicert.config will be located relative to this path. CONFIG proxy.config.ssl.server.private_key.path STRING @rel_sysconfdir@ # The CA file name and path are the # certificate authority certificate that
