const char *_sni = nullptr)
: pool(_pool), ip(_ip), port(_port),
key(redis_pool_elt::make_key(_db, _username, _password, _ip, _port,
- _use_tls, _no_ssl_verify,
- _ca_file, _ca_dir, _cert_file, _key_file, _sni))
+ _use_tls, _no_ssl_verify,
+ _ca_file, _ca_dir, _cert_file, _key_file, _sni))
{
is_unix = ip[0] == '.' || ip[0] == '/';
class redis_pool final {
static constexpr const double default_timeout = 10.0;
-static constexpr const unsigned default_max_conns = 100;
+ static constexpr const unsigned default_max_conns = 100;
/* We want to have references integrity */
ankerl::unordered_dense::map<redisAsyncContext *,
const char *password, const char *ip, int port) -> redisAsyncContext *;
auto new_connection_ext(const char *db, const char *username,
- const char *password, const char *ip, int port,
- bool use_tls, bool no_ssl_verify,
- const char *ca_file, const char *ca_dir,
- const char *cert_file, const char *key_file,
- const char *sni) -> redisAsyncContext *;
+ const char *password, const char *ip, int port,
+ bool use_tls, bool no_ssl_verify,
+ const char *ca_file, const char *ca_dir,
+ const char *cert_file, const char *key_file,
+ const char *sni) -> redisAsyncContext *;
auto release_connection(redisAsyncContext *ctx,
enum rspamd_redis_pool_release_type how) -> void;
conn->ctx->errstr, ip.c_str(), port, nctx);
if (nctx) {
- /* If TLS is configured for this element, initiate it now */
- if (use_tls && !is_unix) {
- if (!initiate_tls(nctx)) {
- redisAsyncFree(nctx);
- nctx = nullptr;
- }
+ /* If TLS is configured for this element, initiate it now */
+ if (use_tls && !is_unix) {
+ if (!initiate_tls(nctx)) {
+ redisAsyncFree(nctx);
+ nctx = nullptr;
}
+ }
if (nctx) {
active.emplace_front(std::make_unique<redis_pool_connection>(pool, this,
- db.c_str(), username.c_str(), password.c_str(), nctx));
+ db.c_str(), username.c_str(), password.c_str(), nctx));
active.front()->elt_pos = active.begin();
}
}
auto *nctx = redis_async_new();
if (nctx) {
- /* If TLS is configured for this element, initiate it now */
- if (use_tls && !is_unix) {
- if (!initiate_tls(nctx)) {
- redisAsyncFree(nctx);
- nctx = nullptr;
- }
+ /* If TLS is configured for this element, initiate it now */
+ if (use_tls && !is_unix) {
+ if (!initiate_tls(nctx)) {
+ redisAsyncFree(nctx);
+ nctx = nullptr;
}
+ }
if (nctx) {
active.emplace_front(std::make_unique<redis_pool_connection>(pool, this,
- db.c_str(), username.c_str(), password.c_str(), nctx));
+ db.c_str(), username.c_str(), password.c_str(), nctx));
active.front()->elt_pos = active.begin();
auto conn = active.front().get();
msg_debug_rpool("no inactive connections; opened new connection to %s:%d: %p",
}
auto redis_pool::new_connection_ext(const char *db, const char *username,
- const char *password, const char *ip, int port,
- bool use_tls, bool no_ssl_verify,
- const char *ca_file, const char *ca_dir,
- const char *cert_file, const char *key_file,
- const char *sni) -> redisAsyncContext *
+ const char *password, const char *ip, int port,
+ bool use_tls, bool no_ssl_verify,
+ const char *ca_file, const char *ca_dir,
+ const char *cert_file, const char *key_file,
+ const char *sni) -> redisAsyncContext *
{
if (!wanna_die) {
auto key = redis_pool_elt::make_key(db, username, password, ip, port,
- use_tls, no_ssl_verify, ca_file, ca_dir,
- cert_file, key_file, sni);
+ use_tls, no_ssl_verify, ca_file, ca_dir,
+ cert_file, key_file, sni);
auto found_elt = elts_by_key.find(key);
if (found_elt != elts_by_key.end()) {
struct redisAsyncContext *
rspamd_redis_pool_connect(void *p,
- const char *db, const char *username,
- const char *password, const char *ip, int port)
+ const char *db, const char *username,
+ const char *password, const char *ip, int port)
{
g_assert(p != NULL);
auto *pool = reinterpret_cast<class rspamd::redis_pool *>(p);
g_assert(p != NULL);
auto *pool = reinterpret_cast<class rspamd::redis_pool *>(p);
- if (tls && tls->use_tls) {
- return pool->new_connection_ext(db, username, password, ip, port,
- true, tls->no_ssl_verify,
- tls->ca_file, tls->ca_dir,
- tls->cert_file, tls->key_file,
- tls->sni);
+ if (tls && tls->use_tls) {
+ return pool->new_connection_ext(db, username, password, ip, port,
+ true, tls->no_ssl_verify,
+ tls->ca_file, tls->ca_dir,
+ tls->cert_file, tls->key_file,
+ tls->sni);
}
else {
return pool->new_connection(db, username, password, ip, port);
struct redisAsyncContext;
struct ev_loop;
struct rspamd_redis_tls_opts {
- bool use_tls; /* enable TLS */
- bool no_ssl_verify; /* disable peer verify */
- const char *ca_file; /* optional */
- const char *ca_dir; /* optional */
- const char *cert_file; /* optional */
- const char *key_file; /* optional */
- const char *sni; /* optional */
+ bool use_tls; /* enable TLS */
+ bool no_ssl_verify; /* disable peer verify */
+ const char *ca_file; /* optional */
+ const char *ca_dir; /* optional */
+ const char *cert_file; /* optional */
+ const char *key_file; /* optional */
+ const char *sni; /* optional */
};
/**
* @return
*/
struct redisAsyncContext *rspamd_redis_pool_connect(
- void *pool,
- const char *db, const char *username, const char *password,
- const char *ip, int port);
+ void *pool,
+ const char *db, const char *username, const char *password,
+ const char *ip, int port);
/**
* Create or reuse a specific redis connection with optional TLS
*/
struct redisAsyncContext *rspamd_redis_pool_connect_ext(
- void *pool,
- const char *db, const char *username, const char *password,
- const char *ip, int port,
- const struct rspamd_redis_tls_opts *tls);
+ void *pool,
+ const char *db, const char *username, const char *password,
+ const char *ip, int port,
+ const struct rspamd_redis_tls_opts *tls);
enum rspamd_redis_pool_release_type {
RSPAMD_REDIS_RELEASE_DEFAULT = 0,
struct rspamd_task *task = NULL;
const char *host = NULL;
const char *username = NULL, *password = NULL, *dbname = NULL, *log_tag = NULL;
- struct rspamd_redis_tls_opts tls_opts;
- /* Duplicated TLS strings to ensure lifetime beyond Lua stack */
- char *dup_ca_file = NULL, *dup_ca_dir = NULL, *dup_cert_file = NULL,
- *dup_key_file = NULL, *dup_sni = NULL;
+ struct rspamd_redis_tls_opts tls_opts;
+ /* Duplicated TLS strings to ensure lifetime beyond Lua stack */
+ char *dup_ca_file = NULL, *dup_ca_dir = NULL, *dup_cert_file = NULL,
+ *dup_key_file = NULL, *dup_sni = NULL;
int cbref = -1;
struct rspamd_config *cfg = NULL;
struct rspamd_async_session *session = NULL;
gboolean ret = FALSE;
unsigned int flags = 0;
- memset(&tls_opts, 0, sizeof(tls_opts));
+ memset(&tls_opts, 0, sizeof(tls_opts));
if (lua_istable(L, 1)) {
/* Table version */
}
lua_pop(L, 1);
- /* TLS options (optional) */
- lua_pushstring(L, "ssl");
- lua_gettable(L, -2);
- if (!!lua_toboolean(L, -1)) {
- tls_opts.use_tls = true;
- }
- lua_pop(L, 1);
-
- lua_pushstring(L, "no_ssl_verify");
- lua_gettable(L, -2);
- if (!!lua_toboolean(L, -1)) {
- tls_opts.no_ssl_verify = true;
- }
- lua_pop(L, 1);
-
- /* Duplicate string options to avoid ephemeral Lua string pointers */
- lua_pushstring(L, "ssl_ca");
- lua_gettable(L, -2);
- if (lua_type(L, -1) == LUA_TSTRING) {
- dup_ca_file = g_strdup(lua_tostring(L, -1));
- tls_opts.ca_file = dup_ca_file;
- }
- lua_pop(L, 1);
-
- lua_pushstring(L, "ssl_ca_dir");
- lua_gettable(L, -2);
- if (lua_type(L, -1) == LUA_TSTRING) {
- dup_ca_dir = g_strdup(lua_tostring(L, -1));
- tls_opts.ca_dir = dup_ca_dir;
- }
- lua_pop(L, 1);
-
- lua_pushstring(L, "ssl_cert");
- lua_gettable(L, -2);
- if (lua_type(L, -1) == LUA_TSTRING) {
- dup_cert_file = g_strdup(lua_tostring(L, -1));
- tls_opts.cert_file = dup_cert_file;
- }
- lua_pop(L, 1);
-
- lua_pushstring(L, "ssl_key");
- lua_gettable(L, -2);
- if (lua_type(L, -1) == LUA_TSTRING) {
- dup_key_file = g_strdup(lua_tostring(L, -1));
- tls_opts.key_file = dup_key_file;
- }
- lua_pop(L, 1);
-
- lua_pushstring(L, "sni");
- lua_gettable(L, -2);
- if (lua_type(L, -1) == LUA_TSTRING) {
- dup_sni = g_strdup(lua_tostring(L, -1));
- tls_opts.sni = dup_sni;
- }
- lua_pop(L, 1);
+ /* TLS options (optional) */
+ lua_pushstring(L, "ssl");
+ lua_gettable(L, -2);
+ if (!!lua_toboolean(L, -1)) {
+ tls_opts.use_tls = true;
+ }
+ lua_pop(L, 1);
+
+ lua_pushstring(L, "no_ssl_verify");
+ lua_gettable(L, -2);
+ if (!!lua_toboolean(L, -1)) {
+ tls_opts.no_ssl_verify = true;
+ }
+ lua_pop(L, 1);
+
+ /* Duplicate string options to avoid ephemeral Lua string pointers */
+ lua_pushstring(L, "ssl_ca");
+ lua_gettable(L, -2);
+ if (lua_type(L, -1) == LUA_TSTRING) {
+ dup_ca_file = g_strdup(lua_tostring(L, -1));
+ tls_opts.ca_file = dup_ca_file;
+ }
+ lua_pop(L, 1);
+
+ lua_pushstring(L, "ssl_ca_dir");
+ lua_gettable(L, -2);
+ if (lua_type(L, -1) == LUA_TSTRING) {
+ dup_ca_dir = g_strdup(lua_tostring(L, -1));
+ tls_opts.ca_dir = dup_ca_dir;
+ }
+ lua_pop(L, 1);
+
+ lua_pushstring(L, "ssl_cert");
+ lua_gettable(L, -2);
+ if (lua_type(L, -1) == LUA_TSTRING) {
+ dup_cert_file = g_strdup(lua_tostring(L, -1));
+ tls_opts.cert_file = dup_cert_file;
+ }
+ lua_pop(L, 1);
+
+ lua_pushstring(L, "ssl_key");
+ lua_gettable(L, -2);
+ if (lua_type(L, -1) == LUA_TSTRING) {
+ dup_key_file = g_strdup(lua_tostring(L, -1));
+ tls_opts.key_file = dup_key_file;
+ }
+ lua_pop(L, 1);
+
+ lua_pushstring(L, "sni");
+ lua_gettable(L, -2);
+ if (lua_type(L, -1) == LUA_TSTRING) {
+ dup_sni = g_strdup(lua_tostring(L, -1));
+ tls_opts.sni = dup_sni;
+ }
+ lua_pop(L, 1);
lua_pushstring(L, "no_pool");
lua_gettable(L, -2);
if (ret) {
ud->terminated = 0;
- ud->ctx = rspamd_redis_pool_connect_ext(ud->pool,
- dbname, username, password,
- rspamd_inet_address_to_string(addr->addr),
- rspamd_inet_address_get_port(addr->addr),
- &tls_opts);
-
- /* Free temporary TLS strings after they have been consumed */
- g_free(dup_ca_file);
- g_free(dup_ca_dir);
- g_free(dup_cert_file);
- g_free(dup_key_file);
- g_free(dup_sni);
-
- if (ip) {
- rspamd_inet_address_free(ip);
- }
+ ud->ctx = rspamd_redis_pool_connect_ext(ud->pool,
+ dbname, username, password,
+ rspamd_inet_address_to_string(addr->addr),
+ rspamd_inet_address_get_port(addr->addr),
+ &tls_opts);
+
+ /* Free temporary TLS strings after they have been consumed */
+ g_free(dup_ca_file);
+ g_free(dup_ca_dir);
+ g_free(dup_cert_file);
+ g_free(dup_key_file);
+ g_free(dup_sni);
+
+ if (ip) {
+ rspamd_inet_address_free(ip);
+ }
if (ud->ctx == NULL || ud->ctx->err) {
if (ud->ctx) {
msg_debug_lua_redis("opened redis connection host=%s; lua_ctx=%p; redis_ctx=%p; ud=%p",
host, ctx, ud->ctx, ud);
- return ctx;
- }
+ return ctx;
+ }
- if (ip) {
- rspamd_inet_address_free(ip);
- }
+ if (ip) {
+ rspamd_inet_address_free(ip);
+ }
- /* Free any duplicated TLS strings on error path */
- g_free(dup_ca_file);
- g_free(dup_ca_dir);
- g_free(dup_cert_file);
- g_free(dup_key_file);
- g_free(dup_sni);
+ /* Free any duplicated TLS strings on error path */
+ g_free(dup_ca_file);
+ g_free(dup_ca_dir);
+ g_free(dup_cert_file);
+ g_free(dup_key_file);
+ g_free(dup_sni);
- return NULL;
+ return NULL;
}
/***
int replies_pending = g_queue_get_length(ctx->replies);
msg_debug_lua_redis("execute pending commands for %p; commands pending = %d; replies pending = %d",
- ctx,
- ctx->cmds_pending,
- replies_pending);
+ ctx,
+ ctx->cmds_pending,
+ replies_pending);
if (ctx->cmds_pending == 0 && replies_pending == 0) {
lua_pushstring(L, "No pending commands to execute");
projects / thirdparty / rspamd.git / commitdiff
