mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-07 07:37:02 +02:00
Code Issues Projects Releases Wiki Activity

MINOR: ssl: rename confusing ssl_bind_kws

Browse Source 
The ssl_bind_kw structure is exclusively used for crt-list keyword, it
must be named otherwise to remove the confusion.

The structure was renamed ssl_crtlist_kws.
This commit is contained in:
William Lallemand 2023-02-13 10:58:13 +01:00
parent c80560bae7
commit af67806651
5 changed files with 16 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
include/haproxy/listener-t.h
View File

@ -262,7 +262,9 @@ struct bind_kw {
int (*parse)(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err);
int skip; /* nb of args to skip */
};
struct ssl_bind_kw {
/* same as bind_kw but for crtlist keywords */
struct ssl_crtlist_kw {
const char *kw;
int (*parse)(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, int from_cli, char **err);
int skip; /* nb of args to skip */

2
include/haproxy/ssl_sock.h
View File

@ -37,7 +37,7 @@ extern struct eb_root crtlists_tree;
extern struct eb_root cafile_tree;
extern int sctl_ex_index;
extern struct global_ssl global_ssl;
extern struct ssl_bind_kw ssl_bind_kws[];
extern struct ssl_crtlist_kw ssl_crtlist_kws[];
extern struct methodVersions methodVersions[];
__decl_thread(extern HA_SPINLOCK_T ckch_lock);
extern struct pool_head *pool_head_ssl_capture;

4
src/cfgparse-ssl.c
View File

@ -1917,9 +1917,9 @@ static int ssl_parse_skip_self_issued_ca(char **args, int section_type, struct p
* not enabled.
*/
/* the <ssl_bind_kws> keywords are used for crt-list parsing, they *MUST* be safe
/* the <ssl_crtlist_kws> keywords are used for crt-list parsing, they *MUST* be safe
* with their proxy argument NULL and must only fill the ssl_bind_conf */
struct ssl_bind_kw ssl_bind_kws[] = {
struct ssl_crtlist_kw ssl_crtlist_kws[] = {
{ "allow-0rtt", ssl_bind_parse_allow_0rtt, 0 }, /* allow 0-RTT */
{ "alpn", ssl_bind_parse_alpn, 1 }, /* set ALPN supported protocols */
{ "ca-file", ssl_bind_parse_ca_file, 1 }, /* set CAfile to process ca-names and verify on client cert */

10
src/cfgparse.c
View File

@ -4742,13 +4742,13 @@ void cfg_dump_registered_keywords()
extern struct list tcp_req_conn_keywords, tcp_req_sess_keywords,
tcp_req_cont_keywords, tcp_res_cont_keywords;
extern struct bind_kw_list bind_keywords;
extern struct ssl_bind_kw ssl_bind_kws[] __maybe_unused;
extern struct ssl_crtlist_kw ssl_crtlist_kws[] __maybe_unused;
extern struct srv_kw_list srv_keywords;
struct bind_kw_list *bkwl;
struct srv_kw_list *skwl;
const struct bind_kw *bkwp, *bkwn;
const struct srv_kw *skwp, *skwn;
const struct ssl_bind_kw *sbkwp __maybe_unused, *sbkwn __maybe_unused;
const struct ssl_crtlist_kw *sbkwp __maybe_unused, *sbkwn __maybe_unused;
const struct cfg_opt *coptp, *coptn;
for (bkwn = bkwp = NULL;; bkwp = bkwn) {
@ -4770,11 +4770,11 @@ void cfg_dump_registered_keywords()
#if defined(USE_OPENSSL)
for (sbkwn = sbkwp = NULL;; sbkwp = sbkwn) {
for (index = 0; ssl_bind_kws[index].kw != NULL; index++) {
for (index = 0; ssl_crtlist_kws[index].kw != NULL; index++) {
if (strordered(sbkwp ? sbkwp->kw : NULL,
ssl_bind_kws[index].kw,
ssl_crtlist_kws[index].kw,
sbkwn != sbkwp ? sbkwn->kw : NULL))
sbkwn = &ssl_bind_kws[index];
sbkwn = &ssl_crtlist_kws[index];
}
if (sbkwn == sbkwp)
break;

10
src/ssl_crtlist.c
View File

@ -420,17 +420,17 @@ int crtlist_parse_line(char *line, char **crt_path, struct crtlist_entry *entry,
cur_arg = ssl_b ? ssl_b : 1;
while (cur_arg < ssl_e) {
newarg = 0;
for (i = 0; ssl_bind_kws[i].kw != NULL; i++) {
if (strcmp(ssl_bind_kws[i].kw, args[cur_arg]) == 0) {
for (i = 0; ssl_crtlist_kws[i].kw != NULL; i++) {
if (strcmp(ssl_crtlist_kws[i].kw, args[cur_arg]) == 0) {
newarg = 1;
cfgerr |= ssl_bind_kws[i].parse(args, cur_arg, NULL, ssl_conf, from_cli, err);
if (cur_arg + 1 + ssl_bind_kws[i].skip > ssl_e) {
cfgerr |= ssl_crtlist_kws[i].parse(args, cur_arg, NULL, ssl_conf, from_cli, err);
if (cur_arg + 1 + ssl_crtlist_kws[i].skip > ssl_e) {
memprintf(err, "parsing [%s:%d]: ssl args out of '[]' for %s",
file, linenum, args[cur_arg]);
cfgerr |= ERR_ALERT | ERR_FATAL;
goto error;
}
cur_arg += 1 + ssl_bind_kws[i].skip;
cur_arg += 1 + ssl_crtlist_kws[i].skip;
break;
}
}