mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-20 21:31:28 +02:00
Code Issues Projects Releases Wiki Activity

CLEANUP: ssl: rename ssl_sock_load_ca to ssl_sock_gencert_load_ca

Browse Source 
ssl_sock_load_ca is defined in ssl_gencert.c and compiled only if
SSL_NO_GENERATE_CERTIFICATES is not defined. It's name is a bit confusing, as
we may think at the first glance, that it's a generic function, which is also
used to load CA file, provided via 'ca-file' keyword.
ssl_set_verify_locations_file is used in this case.

So let's rename ssl_sock_load_ca into ssl_sock_gencert_load_ca. Same is
applied to ssl_sock_free_ca.
This commit is contained in:
Valentine Krasnobaeva 2025-01-23 15:58:15 +01:00 committed by William Lallemand
parent c987f30245
commit 846819b316
3 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
include/haproxy/ssl_sock.h
View File

@ -68,8 +68,8 @@ void ssl_sock_free_srv_ctx(struct server *srv);
void ssl_sock_free_all_ctx(struct bind_conf *bind_conf);
int ssl_sock_get_alpn(const struct connection *conn, void *xprt_ctx,
const char **str, int *len);
int ssl_sock_load_ca(struct bind_conf *bind_conf);
void ssl_sock_free_ca(struct bind_conf *bind_conf);
int ssl_sock_gencert_load_ca(struct bind_conf *bind_conf);
void ssl_sock_gencert_free_ca(struct bind_conf *bind_conf);
int ssl_bio_and_sess_init(struct connection *conn, SSL_CTX *ssl_ctx,
SSL **ssl, BIO **bio, BIO_METHOD *bio_meth, void *ctx);
const char *ssl_sock_get_sni(struct connection *conn);

4
src/ssl_gencert.c
View File

@ -381,7 +381,7 @@ int ssl_sock_generate_certificate_from_conn(struct bind_conf *bind_conf, SSL *ss
/* Load CA cert file and private key used to generate certificates */
int
ssl_sock_load_ca(struct bind_conf *bind_conf)
ssl_sock_gencert_load_ca(struct bind_conf *bind_conf)
{
struct proxy *px = bind_conf->frontend;
struct ckch_data *data = NULL;
@ -446,7 +446,7 @@ ssl_sock_load_ca(struct bind_conf *bind_conf)
/* Release CA cert and private key used to generate certificated */
void
ssl_sock_free_ca(struct bind_conf *bind_conf)
ssl_sock_gencert_free_ca(struct bind_conf *bind_conf)
{
if (bind_conf->ca_sign_ckch) {
ssl_sock_free_cert_key_and_chain_contents(bind_conf->ca_sign_ckch);

4
src/ssl_sock.c
View File

@ -4790,7 +4790,7 @@ int ssl_sock_prepare_bind_conf(struct bind_conf *bind_conf)
#ifndef SSL_NO_GENERATE_CERTIFICATES
/* initialize CA variables if the certificates generation is enabled */
err += ssl_sock_load_ca(bind_conf);
err += ssl_sock_gencert_load_ca(bind_conf);
#endif
return -err;
@ -4884,7 +4884,7 @@ REGISTER_POST_DEINIT(ssl_sock_deinit);
void ssl_sock_destroy_bind_conf(struct bind_conf *bind_conf)
{
#ifndef SSL_NO_GENERATE_CERTIFICATES
ssl_sock_free_ca(bind_conf);
ssl_sock_gencert_free_ca(bind_conf);
#endif
ssl_sock_free_all_ctx(bind_conf);
ssl_sock_free_ssl_conf(&bind_conf->ssl_conf);