From: Matthew Newton Date: Wed, 29 Feb 2012 08:23:35 +0000 (+0000) Subject: Cache result of parsing server/client tls configs, so we don't have to do it X-Git-Tag: release_3_0_0_beta0~274 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=492ec9a2d2113f70739ae12dd2490449c95a3c83;p=thirdparty%2Ffreeradius-server.git Cache result of parsing server/client tls configs, so we don't have to do it repeatedly. This means tls_server_conf_free no longer needs to be called, as it will be freed up automatically.
---
diff --git a/src/include/tls.h b/src/include/tls.h
index 2d78709a62a..68bbf37176a 100644
--- a/src/include/tls.h
+++ b/src/include/tls.h
@@ -299,7 +299,6 @@ tls_session_t *tls_new_session(fr_tls_server_conf_t *conf, REQUEST *request,
 tls_session_t *tls_new_client_session(fr_tls_server_conf_t *conf, int fd);
 fr_tls_server_conf_t *tls_server_conf_parse(CONF_SECTION *cs);
 fr_tls_server_conf_t *tls_client_conf_parse(CONF_SECTION *cs);
-void tls_server_conf_free(fr_tls_server_conf_t *conf);
 int tls_handshake_recv(REQUEST *, tls_session_t *ssn);
 int tls_handshake_send(REQUEST *, tls_session_t *ssn);
 void tls_session_information(tls_session_t *ssn);
diff --git a/src/main/listen.c b/src/main/listen.c
index 9769bae543c..eb13b67a8e3 100644
--- a/src/main/listen.c
+++ b/src/main/listen.c
@@ -2978,10 +2978,6 @@ void listen_free(rad_listen_t **head)
 master_listen[this->type].free(this);
 }
-#ifdef WITH_TLS
- if (this->tls) tls_server_conf_free(this->tls);
-#endif
-
 #ifdef WITH_TCP
 if ((this->type == RAD_LISTEN_AUTH)
 #ifdef WITH_ACCT
diff --git a/src/main/realms.c b/src/main/realms.c
index 9c8b9fb28c6..fd8e012f6e0 100644
--- a/src/main/realms.c
+++ b/src/main/realms.c
@@ -132,11 +132,6 @@ static void home_server_free(void *data)
 {
 home_server *home = data;
-#ifdef WITH_TLS
- tls_server_conf_free(home->tls);
- home->tls = NULL;
-#endif
-
 free(home);
 }
diff --git a/src/main/tls.c b/src/main/tls.c
index ecc36ce67de..04163085314 100644
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -43,6 +43,8 @@ RCSID("$Id$")
 #include
 #endif
+static void tls_server_conf_free(fr_tls_server_conf_t *conf);
+
 /* record */
 static void record_init(record_t *buf);
 static void record_close(record_t *buf);
@@ -2056,7 +2058,13 @@ post_ca:
 }
-void tls_server_conf_free(fr_tls_server_conf_t *conf)
+/*
+ * Free TLS client/server config
+ * Should not be called outside this code, as a callback is
+ * added to automatically free the data when the CONF_SECTION
+ * is freed.
+ */
+static void tls_server_conf_free(fr_tls_server_conf_t *conf)
 {
 if (!conf) return;
@@ -2078,6 +2086,16 @@ fr_tls_server_conf_t *tls_server_conf_parse(CONF_SECTION *cs)
 {
 fr_tls_server_conf_t *conf;
+ /*
+ * If cs has already been parsed there should be a cached copy
+ * of conf already stored, so just return that.
+ */
+ conf = cf_data_find(cs, "tls-conf");
+ if (conf) {
+ DEBUG(" debug: Using cached TLS configuration from previous invocation");
+ return conf;
+ }
+
 conf = malloc(sizeof(*conf));
 if (!conf) {
 radlog(L_ERR, "Out of memory");
@@ -2164,6 +2182,11 @@ fr_tls_server_conf_t *tls_server_conf_parse(CONF_SECTION *cs)
 goto error;
 }
+ /*
+ * Cache conf in cs in case we're asked to parse this again.
+ */
+ cf_data_add(cs, "tls-conf", conf, (void *)(void *) tls_server_conf_free);
+
 return conf;
 }
@@ -2171,6 +2194,12 @@ fr_tls_server_conf_t *tls_client_conf_parse(CONF_SECTION *cs)
 {
 fr_tls_server_conf_t *conf;
+ conf = cf_data_find(cs, "tls-conf");
+ if (conf) {
+ DEBUG(" debug: Using cached TLS configuration from previous invocation");
+ return conf;
+ }
+
 conf = malloc(sizeof(*conf));
 if (!conf) {
 radlog(L_ERR, "Out of memory");
@@ -2205,6 +2234,8 @@ fr_tls_server_conf_t *tls_client_conf_parse(CONF_SECTION *cs)
 goto error;
 }
+ cf_data_add(cs, "tls-conf", conf, (void *)(void *) tls_server_conf_free);
+
 return conf;
 }
diff --git a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
index 6ec6267a428..cdb057290d9 100644
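Review bot: The new comment above tls_server_conf_free() (hunk @@ -2056,7 +2058,13 @@) says who must not call the function but not who now owns the object, and that ownership rule is the security-relevant part of this change. After this commit the pointers kept in `this->tls` (listen.c) and `home->tls` (realms.c) are borrowed from the CONF_SECTION, so they dangle if that section is freed while a listener or home server is still in use; whether that can happen, for example on a configuration reload, is not visible in this diff and should be confirmed. I would add to the comment: `* The conf is owned by the CONF_SECTION; pointers returned by the parse functions are only valid while that section exists.` The function body continues outside the hunk.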
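Review bot: The cache lookup added at the top of tls_server_conf_parse() (hunk @@ -2078,6 +2086,16 @@) uses the same key, `"tls-conf"`, as the lookup added to tls_client_conf_parse() in hunk @@ -2171,6 +2194,12 @@, so a section parsed once in one role is returned unchanged when it is later parsed in the other. If a CONF_SECTION can ever reach both functions, a listener could receive a client-built configuration (or the reverse) and silently miss whatever setup the other parser performs; whether that can occur depends on callers outside this diff. Role-specific keys remove the ambiguity: `conf = cf_data_find(cs, "tls-server-conf");` here and `conf = cf_data_find(cs, "tls-client-conf");` in the client parser, with the matching names in the two `cf_data_add()` calls. Both function bodies extend beyond their hunks.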
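Review bot: The result of `cf_data_add()` is discarded at the end of tls_server_conf_parse() (hunk @@ -2164,6 +2182,11 @@) and again in tls_client_conf_parse() (hunk @@ -2205,6 +2234,8 @@). Because this commit removes the external frees in listen.c, realms.c and rlm_eap_tls.c, a failed registration would leave `conf` with no owner: it is never released, and the next parse of the same section builds a second copy instead of finding the cache. Assuming cf_data_add() signals failure with a negative return and the `error` label releases `conf` (both are defined outside these hunks), I would write `if (cf_data_add(cs, "tls-conf", conf, (void *)(void *) tls_server_conf_free) < 0) goto error;`. Separately, the `(void *)(void *)` cast hides that tls_server_conf_free() presumably does not have the callback's parameter type; a small static wrapper taking `void *` would let the compiler check the registration.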
--- a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
+++ b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
@@ -48,7 +48,6 @@ RCSID("$Id$")
 */
 static int eaptls_detach(void *arg)
 {
- tls_server_conf_free(arg);
 return 0;
 }