REORG: ssl: move some free/new functions
authorWilliam Lallemand <wlallemand@haproxy.com>
Fri, 10 Apr 2020 08:26:27 +0000 (10:26 +0200)
committerWilliam Lallemand <wlallemand@haproxy.org>
Fri, 10 Apr 2020 09:14:01 +0000 (11:14 +0200)
Move crtlist_free_filters(), crtlist_dup_filters(),
crtlist_free(), crtlist_new(), ssl_sock_free_ssl_conf() higher up in the
file.

src/ssl_sock.c

index 3d5c483b84b8bd5f5a1c203abf0d827c28c65efb..e986554ac26839d05a2f9205789a4c054f6949e1 100644 (file)
@@ -2898,6 +2898,37 @@ int ssl_sock_load_global_dh_param_from_file(const char *filename)
 }
 #endif
 
+/* release ssl bind conf */
+void ssl_sock_free_ssl_conf(struct ssl_bind_conf *conf)
+{
+       if (conf) {
+#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
+               free(conf->npn_str);
+               conf->npn_str = NULL;
+#endif
+#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
+               free(conf->alpn_str);
+               conf->alpn_str = NULL;
+#endif
+               free(conf->ca_file);
+               conf->ca_file = NULL;
+               free(conf->ca_verify_file);
+               conf->ca_verify_file = NULL;
+               free(conf->crl_file);
+               conf->crl_file = NULL;
+               free(conf->ciphers);
+               conf->ciphers = NULL;
+#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
+               free(conf->ciphersuites);
+               conf->ciphersuites = NULL;
+#endif
+               free(conf->curves);
+               conf->curves = NULL;
+               free(conf->ecdhe);
+               conf->ecdhe = NULL;
+       }
+}
+
 /* unlink a ckch_inst, free all SNIs, free the ckch_inst */
 /* The caller must use the lock of the bind_conf if used with inserted SNIs */
 static void ckch_inst_free(struct ckch_inst *inst)
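Review bot: The header comment on `ssl_sock_free_ssl_conf()` does not say that only the members are released, which is easy to miss now that the function sits far from the code that uses it. The body frees each string and resets it to NULL but never frees `conf` itself, and the `crtlist_free()` body removed later in this commit shows a caller doing `free(entry->ssl_conf)` right after the call. I would spell the ownership out, e.g. `/* Release the strings owned by <conf> and reset them to NULL. <conf> itself is not freed; the caller still owns it. NULL is accepted. */`, so a later caller neither leaks the struct nor frees it twice.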
@@ -2934,6 +2965,82 @@ static struct ckch_inst *ckch_inst_new()
        return ckch_inst;
 }
 
+/* free sni filters */
+static void crtlist_free_filters(char **args)
+{
+       int i;
+
+       if (!args)
+               return;
+
+       for (i = 0; args[i]; i++)
+               free(args[i]);
+
+       free(args);
+}
+
+/* Alloc and duplicate a char ** array */
+static char **crtlist_dup_filters(char **args, int fcount)
+{
+       char **dst;
+       int i;
+
+       if (fcount == 0)
+               return NULL;
+
+       dst = calloc(fcount + 1, sizeof(*dst));
+       if (!dst)
+               return NULL;
+
+       for (i = 0; i < fcount; i++) {
+               dst[i] = strdup(args[i]);
+               if (!dst[i])
+                       goto error;
+       }
+       return dst;
+
+error:
+       crtlist_free_filters(dst);
+       return NULL;
+}
+
+/* Free a crtlist, from the crt_entry to the content of the ssl_conf */
+static void crtlist_free(struct crtlist *crtlist)
+{
+       struct crtlist_entry *entry, *s_entry;
+
+       if (crtlist == NULL)
+               return;
+
+       list_for_each_entry_safe(entry, s_entry, &crtlist->ord_entries, by_crtlist) {
+               crtlist_entry_free(entry);
+       }
+       ebmb_delete(&crtlist->node);
+       free(crtlist);
+}
+
+/* Alloc and initialize a struct crtlist
+ * <filename> is the key of the ebmb_node
+ * <unique> initialize the list of entries to be unique (1) or not (0)
+ */
+static struct crtlist *crtlist_new(const char *filename, int unique)
+{
+       struct crtlist *newlist;
+
+       newlist = calloc(1, sizeof(*newlist) + strlen(filename) + 1);
+       if (newlist == NULL)
+               return NULL;
+
+       memcpy(newlist->node.key, filename, strlen(filename) + 1);
+       if (unique)
+               newlist->entries = EB_ROOT_UNIQUE;
+       else
+               newlist->entries = EB_ROOT;
+
+       LIST_INIT(&newlist->ord_entries);
+
+       return newlist;
+}
 
 /* This function allocates a sni_ctx and adds it to the ckch_inst */
 static int ckch_inst_add_cert_sni(SSL_CTX *ctx, struct ckch_inst *ckch_inst,
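Review bot: `crtlist_free()` is not moved verbatim: the added loop body is a single `crtlist_entry_free(entry);`, while the copy removed further down unlinked each entry (`ebpt_delete`, `LIST_DEL`) and freed `filters`, `ssl_conf` and the entry inline. `crtlist_entry_free()` is not visible in this hunk, so it should be confirmed that it is declared above this point and performs the same teardown in the same order; a mismatch would show up as leaked entries or a changed free path in TLS configuration cleanup. A behavioural change like this is easier to audit in its own commit than inside a REORG, or should at least be mentioned in the commit message. Separately, `crtlist_dup_filters()` returns NULL both for `fcount == 0` and on allocation failure, so its comment should say so, e.g. `/* Returns NULL when <fcount> is 0 or on allocation failure; callers must check <fcount> to tell the two apart */`, because a caller that treats NULL as "no filters" would presumably apply the certificate to more names than configured.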
@@ -4408,118 +4515,6 @@ static int ssl_initialize_random()
        return random_initialized;
 }
 
-/* release ssl bind conf */
-void ssl_sock_free_ssl_conf(struct ssl_bind_conf *conf)
-{
-       if (conf) {
-#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
-               free(conf->npn_str);
-               conf->npn_str = NULL;
-#endif
-#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
-               free(conf->alpn_str);
-               conf->alpn_str = NULL;
-#endif
-               free(conf->ca_file);
-               conf->ca_file = NULL;
-               free(conf->ca_verify_file);
-               conf->ca_verify_file = NULL;
-               free(conf->crl_file);
-               conf->crl_file = NULL;
-               free(conf->ciphers);
-               conf->ciphers = NULL;
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
-               free(conf->ciphersuites);
-               conf->ciphersuites = NULL;
-#endif
-               free(conf->curves);
-               conf->curves = NULL;
-               free(conf->ecdhe);
-               conf->ecdhe = NULL;
-       }
-}
-/* free sni filters */
-static void crtlist_free_filters(char **args)
-{
-       int i;
-
-       if (!args)
-               return;
-
-       for (i = 0; args[i]; i++)
-               free(args[i]);
-
-       free(args);
-}
-
-/* Alloc and duplicate a char ** array */
-static char **crtlist_dup_filters(char **args, int fcount)
-{
-       char **dst;
-       int i;
-
-       if (fcount == 0)
-               return NULL;
-
-       dst = calloc(fcount + 1, sizeof(*dst));
-       if (!dst)
-               return NULL;
-
-       for (i = 0; i < fcount; i++) {
-               dst[i] = strdup(args[i]);
-               if (!dst[i])
-                       goto error;
-       }
-       return dst;
-
-error:
-       crtlist_free_filters(dst);
-       return NULL;
-}
-
-
-/* Free a crtlist, from the crt_entry to the content of the ssl_conf */
-static void crtlist_free(struct crtlist *crtlist)
-{
-       struct crtlist_entry *entry, *s_entry;
-
-       if (crtlist == NULL)
-               return;
-
-       list_for_each_entry_safe(entry, s_entry, &crtlist->ord_entries, by_crtlist) {
-               ebpt_delete(&entry->node);
-               LIST_DEL(&entry->by_crtlist);
-               crtlist_free_filters(entry->filters);
-               ssl_sock_free_ssl_conf(entry->ssl_conf);
-               free(entry->ssl_conf);
-               free(entry);
-       }
-       ebmb_delete(&crtlist->node);
-       free(crtlist);
-}
-
-/* Alloc and initialize a struct crtlist
- * <filename> is the key of the ebmb_node
- * <unique> initialize the list of entries to be unique (1) or not (0)
- */
-static struct crtlist *crtlist_new(const char *filename, int unique)
-{
-       struct crtlist *newlist;
-
-       newlist = calloc(1, sizeof(*newlist) + strlen(filename) + 1);
-       if (newlist == NULL)
-               return NULL;
-
-       memcpy(newlist->node.key, filename, strlen(filename) + 1);
-       if (unique)
-               newlist->entries = EB_ROOT_UNIQUE;
-       else
-               newlist->entries = EB_ROOT;
-
-       LIST_INIT(&newlist->ord_entries);
-
-       return newlist;
-}
 
 /* This function reads a directory and stores it in a struct crtlist, each file is a crtlist_entry structure
  * Fill the <crtlist> argument with a pointer to a new crtlist struct