]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2fc9e6f)
MINOR: ssl: ckch_store_new_load_files_conf() loads filenames from ckch_conf
authorWilliam Lallemand <wlallemand@haproxy.com>
Thu, 11 Apr 2024 16:33:35 +0000 (18:33 +0200)
committerWilliam Lallemand <wlallemand@haproxy.com>
Fri, 17 May 2024 15:35:51 +0000 (17:35 +0200)
ckch_store_new_load_files_conf() is the equivalent of
new_ckch_store_load_files_path() but instead of trying to find the files
using a base filename, it will load them from a list of files.

include/haproxy/ssl_ckch.h patch | blob | blame | history
src/ssl_ckch.c patch | blob | blame | history

diff --git a/include/haproxy/ssl_ckch.h b/include/haproxy/ssl_ckch.h
index 37cb4710f1e51cf91d4de029180afacd0fba1ab7..1bb82a2d518a9620db4a957e04ab59dbe6acd497 100644 (file)
--- a/include/haproxy/ssl_ckch.h
+++ b/include/haproxy/ssl_ckch.h
@@ -38,6 +38,7 @@ int ssl_sock_load_issuer_file_into_ckch(const char *path, char *buf, struct ckch
 
 /* ckch_store functions */
 struct ckch_store *ckch_store_new_load_files_path(char *path, char **err);
+struct ckch_store *ckch_store_new_load_files_conf(char *name, struct ckch_conf *conf, char **err);
 struct ckch_store *ckchs_lookup(char *path);
 struct ckch_store *ckchs_dup(const struct ckch_store *src);
 struct ckch_store *ckch_store_new(const char *filename);
diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index b7e7ae1d48ffc311486943976a01c165c6b81ea1..f6e2e9a5b00a74182867119906f0d1ab7f5f8fce 100644 (file)
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -1019,6 +1019,35 @@ end:
        return NULL;
 }
 
+/*
+ * This function allocate a ckch_store and populate it with certificates using
+ * the ckch_conf structure.
+ */
+struct ckch_store *ckch_store_new_load_files_conf(char *name, struct ckch_conf *conf, char **err)
+{
+       struct ckch_store *ckchs;
+       int cfgerr = ERR_NONE;
+
+       ckchs = ckch_store_new(name);
+       if (!ckchs) {
+               memprintf(err, "%sunable to allocate memory.\n", err && *err ? *err : "");
+               goto end;
+       }
+
+       cfgerr = ckch_store_load_files(conf, ckchs, err);
+       if (cfgerr & ERR_FATAL)
+               goto end;
+
+       /* insert into the ckchs tree */
+       memcpy(ckchs->path, name, strlen(name) + 1);
+       ebst_insert(&ckchs_tree, &ckchs->node);
+       return ckchs;
+
+end:
+       ckch_store_free(ckchs);
+
+       return NULL;
+}
 
 /********************  ckch_inst functions ******************************/
 
Mirror of https://github.com/haproxy/haproxy.git