On Mon, Mar 23, 2020 at 02:50:03PM +0100, Emmanuel Hocdet wrote:
> 
> As discussed in #559
> 

Can't we return directly a STACK_OF(X509)* structure instead of the
struct issuer_chain * ?

Because I have the impression that we use the struct issuer_chain only
to lookup and we only use the chain field of this structure.

> From af21a21caefbcbdcac9aedcd80e952713981e9a8 Mon Sep 17 00:00:00 2001
> From: Emmanuel Hocdet <m...@gandi.net>
> Date: Mon, 23 Mar 2020 11:29:11 +0100
> Subject: [PATCH] CLEANUP: ssl: rename ssl_get_issuer_chain to
>  ssl_get0_issuer_chain
> 
> Rename ssl_get_issuer_chain to ssl_get0_issuer_chain to be consistent
> with openssl >= 1.0.2 API.
> ---
>  src/ssl_sock.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/src/ssl_sock.c b/src/ssl_sock.c
> index 45a650a3d..86fa1a305 100644
> --- a/src/ssl_sock.c
> +++ b/src/ssl_sock.c
> @@ -161,7 +161,7 @@ static struct xprt_ops ssl_sock;
>  int nb_engines = 0;
>  
>  static struct eb_root cert_issuer_tree = EB_ROOT; /* issuers tree from 
> "issuers-chain-path" */
> -static struct issuer_chain* ssl_get_issuer_chain(X509 *cert);
> +static struct issuer_chain* ssl_get0_issuer_chain(X509 *cert);
>  
>  static struct {
>       char *crt_base;             /* base directory path for certificates */
> @@ -3629,7 +3629,7 @@ static int ssl_sock_put_ckch_into_ctx(const char *path, 
> const struct cert_key_an
>       } else {
>               /* Find Certificate Chain in global */
>               struct issuer_chain *issuer;
> -             issuer = ssl_get_issuer_chain(ckch->cert);
> +             issuer = ssl_get0_issuer_chain(ckch->cert);
>               if (issuer)
>                       find_chain = issuer->chain;
>       }
> @@ -10166,7 +10166,7 @@ static int ssl_load_global_issuer_from_BIO(BIO *in, 
> char *fp, char **err)
>       return ret;
>  }
>  
> -static struct issuer_chain* ssl_get_issuer_chain(X509 *cert)
> +static struct issuer_chain* ssl_get0_issuer_chain(X509 *cert)
>  {
>       AUTHORITY_KEYID *akid;
>       struct issuer_chain *issuer = NULL;
> @@ -11268,7 +11268,7 @@ static int cli_io_handler_show_cert_detail(struct 
> appctx *appctx)
>               chain = ckchs->ckch->chain;
>               if (chain == NULL) {
>                       struct issuer_chain *issuer;
> -                     issuer = ssl_get_issuer_chain(ckchs->ckch->cert);
> +                     issuer = ssl_get0_issuer_chain(ckchs->ckch->cert);
>                       if (issuer) {
>                               chain = issuer->chain;
>                               chunk_appendf(out, "Chain Filename: ");





-- 
William Lallemand

Reply via email to