From: William Lallemand Date: Thu, 11 Apr 2024 16:33:35 +0000 (+0200) Subject: MINOR: ssl: ckch_store_new_load_files_conf() loads filenames from ckch_conf X-Git-Tag: v3.0-dev12~14 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8526d666d2b7d65c8b2a5fe8bc14271f8c64a99d;p=thirdparty%2Fhaproxy.git MINOR: ssl: ckch_store_new_load_files_conf() loads filenames from ckch_conf ckch_store_new_load_files_conf() is the equivalent of new_ckch_store_load_files_path() but instead of trying to find the files using a base filename, it will load them from a list of files. --- diff --git a/include/haproxy/ssl_ckch.h b/include/haproxy/ssl_ckch.h index 37cb4710f1..1bb82a2d51 100644 --- a/include/haproxy/ssl_ckch.h +++ b/include/haproxy/ssl_ckch.h @@ -38,6 +38,7 @@ int ssl_sock_load_issuer_file_into_ckch(const char *path, char *buf, struct ckch /* ckch_store functions */ struct ckch_store *ckch_store_new_load_files_path(char *path, char **err); +struct ckch_store *ckch_store_new_load_files_conf(char *name, struct ckch_conf *conf, char **err); struct ckch_store *ckchs_lookup(char *path); struct ckch_store *ckchs_dup(const struct ckch_store *src); struct ckch_store *ckch_store_new(const char *filename); diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c index b7e7ae1d48..f6e2e9a5b0 100644 --- a/src/ssl_ckch.c +++ b/src/ssl_ckch.c @@ -1019,6 +1019,35 @@ end: return NULL; } +/* + * This function allocate a ckch_store and populate it with certificates using + * the ckch_conf structure. + */ +struct ckch_store *ckch_store_new_load_files_conf(char *name, struct ckch_conf *conf, char **err) +{ + struct ckch_store *ckchs; + int cfgerr = ERR_NONE; + + ckchs = ckch_store_new(name); + if (!ckchs) { + memprintf(err, "%sunable to allocate memory.\n", err && *err ? *err : ""); + goto end; + } + + cfgerr = ckch_store_load_files(conf, ckchs, err); + if (cfgerr & ERR_FATAL) + goto end; + + /* insert into the ckchs tree */ + memcpy(ckchs->path, name, strlen(name) + 1); + ebst_insert(&ckchs_tree, &ckchs->node); + return ckchs; + +end: + ckch_store_free(ckchs); + + return NULL; +} /******************** ckch_inst functions ******************************/