Re: [PATCH] CLEANUP: ssl: rename ssl_get_issuer_chain to ssl_get0_issuer_chain

2020-03-23 Thread William Lallemand
On Mon, Mar 23, 2020 at 03:26:20PM +0100, Emmanuel Hocdet wrote:
> 
> > On 23 March 2020 at 15:12, William Lallemand wrote:
> > 
> > On Mon, Mar 23, 2020 at 02:50:03PM +0100, Emmanuel Hocdet wrote:
> >> 
> >> As discussed in #559
> >> 
> > 
> > Can't we return directly a STACK_OF(X509)* structure instead of the
> > struct issuer_chain * ?
> > 
> > Because I have the impression that we use the struct issuer_chain only
> > to lookup and we only use the chain field of this structure.
> 
> 
> I changed that to be able to extract the path for « show ssl cert »:
> 
> chain = ckchs->ckch->chain;
> if (chain == NULL) {
>     struct issuer_chain *issuer;
>     issuer = ssl_get0_issuer_chain(ckchs->ckch->cert);
>     if (issuer) {
>         chain = issuer->chain;
>         chunk_appendf(out, "Chain Filename: ");
>         chunk_appendf(out, "%s\n", issuer->path);
>     }
> }

Hm okay right, I forgot this part. I'm merging the patch, thanks.

-- 
William Lallemand



Re: [PATCH] CLEANUP: ssl: rename ssl_get_issuer_chain to ssl_get0_issuer_chain

2020-03-23 Thread Emmanuel Hocdet

> On 23 March 2020 at 15:12, William Lallemand wrote:
> 
> On Mon, Mar 23, 2020 at 02:50:03PM +0100, Emmanuel Hocdet wrote:
>> 
>> As discussed in #559
>> 
> 
> Can't we return directly a STACK_OF(X509)* structure instead of the
> struct issuer_chain * ?
> 
> Because I have the impression that we use the struct issuer_chain only
> to lookup and we only use the chain field of this structure.


I changed that to be able to extract the path for « show ssl cert »:

chain = ckchs->ckch->chain;
if (chain == NULL) {
    struct issuer_chain *issuer;
    issuer = ssl_get0_issuer_chain(ckchs->ckch->cert);
    if (issuer) {
        chain = issuer->chain;
        chunk_appendf(out, "Chain Filename: ");
        chunk_appendf(out, "%s\n", issuer->path);
    }
}

Re: [PATCH] CLEANUP: ssl: rename ssl_get_issuer_chain to ssl_get0_issuer_chain

2020-03-23 Thread William Lallemand
On Mon, Mar 23, 2020 at 02:50:03PM +0100, Emmanuel Hocdet wrote:
> 
> As discussed in #559
> 

Can't we return directly a STACK_OF(X509)* structure instead of the
struct issuer_chain * ?

Because I have the impression that we use the struct issuer_chain only
to lookup and we only use the chain field of this structure.

> From af21a21caefbcbdcac9aedcd80e952713981e9a8 Mon Sep 17 00:00:00 2001
> From: Emmanuel Hocdet 
> Date: Mon, 23 Mar 2020 11:29:11 +0100
> Subject: [PATCH] CLEANUP: ssl: rename ssl_get_issuer_chain to
>  ssl_get0_issuer_chain
> 
> Rename ssl_get_issuer_chain to ssl_get0_issuer_chain to be consistent
> with openssl >= 1.0.2 API.
> ---
>  src/ssl_sock.c | 8 
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/src/ssl_sock.c b/src/ssl_sock.c
> index 45a650a3d..86fa1a305 100644
> --- a/src/ssl_sock.c
> +++ b/src/ssl_sock.c
> @@ -161,7 +161,7 @@ static struct xprt_ops ssl_sock;
>  int nb_engines = 0;
>  
>  static struct eb_root cert_issuer_tree = EB_ROOT; /* issuers tree from 
> "issuers-chain-path" */
> -static struct issuer_chain* ssl_get_issuer_chain(X509 *cert);
> +static struct issuer_chain* ssl_get0_issuer_chain(X509 *cert);
>  
>  static struct {
>   char *crt_base; /* base directory path for certificates */
> @@ -3629,7 +3629,7 @@ static int ssl_sock_put_ckch_into_ctx(const char *path, 
> const struct cert_key_an
>   } else {
>   /* Find Certificate Chain in global */
>   struct issuer_chain *issuer;
> - issuer = ssl_get_issuer_chain(ckch->cert);
> + issuer = ssl_get0_issuer_chain(ckch->cert);
>   if (issuer)
>   find_chain = issuer->chain;
>   }
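
Review bot: In ssl_sock_put_ckch_into_ctx, the assignment find_chain = issuer->chain now takes a pointer that the get0 name marks as borrowed, so it is worth confirming that the code after this else branch never frees find_chain and that whatever installs it into the SSL_CTX copies or up-refs the certificates instead of taking ownership. A short comment at the assignment saying the chain stays owned by the global issuers tree would make that explicit for later readers.
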
> @@ -10166,7 +10166,7 @@ static int ssl_load_global_issuer_from_BIO(BIO *in, 
> char *fp, char **err)
>   return ret;
>  }
>  
> -static struct issuer_chain* ssl_get_issuer_chain(X509 *cert)
> +static struct issuer_chain* ssl_get0_issuer_chain(X509 *cert)
>  {
>   AUTHORITY_KEYID *akid;
>   struct issuer_chain *issuer = NULL;
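
Review bot: The renamed definition of ssl_get0_issuer_chain still has no comment above it, and the get0 prefix only helps readers who already know the OpenSSL convention. Suggest a one-line comment before the function stating that it returns NULL when no issuer matches and that the returned struct issuer_chain is not reference-counted for the caller and must not be freed.
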
> @@ -11268,7 +11268,7 @@ static int cli_io_handler_show_cert_detail(struct 
> appctx *appctx)
>   chain = ckchs->ckch->chain;
>   if (chain == NULL) {
>   struct issuer_chain *issuer;
> - issuer = ssl_get_issuer_chain(ckchs->ckch->cert);
> + issuer = ssl_get0_issuer_chain(ckchs->ckch->cert);
>   if (issuer) {
>   chain = issuer->chain;
>   chunk_appendf(out, "Chain Filename: ");
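
Review bot: Style point on the context following the renamed call in cli_io_handler_show_cert_detail: the label is written by its own chunk_appendf(out, "Chain Filename: ") and, per the snippet quoted in the replies, the path follows in a second call. Since the lookup keeps returning a struct issuer_chain * precisely to reach issuer->path, the two could be a single chunk_appendf(out, "Chain Filename: %s\n", issuer->path).
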





-- 
William Lallemand



[PATCH] CLEANUP: ssl: rename ssl_get_issuer_chain to ssl_get0_issuer_chain

2020-03-23 Thread Emmanuel Hocdet

As discussed in #559


