MXS-2486: Move to_string into SSLProvider
The functionality belongs to the provider more than to the context, so it should be defined there. It also doesn't use any part of SSLContext, which makes it clearer that it doesn't belong in that class.
@ -117,12 +117,6 @@ public:
|
|||||||
return m_cfg;
|
return m_cfg;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Convert to JSON representation
|
|
||||||
json_t* to_json() const;
|
|
||||||
|
|
||||||
// Convert to human readable string representation
|
|
||||||
std::string to_string() const;
|
|
||||||
|
|
||||||
~SSLContext();
|
~SSLContext();
|
||||||
|
|
||||||
private:
|
private:
|
||||||
@ -144,12 +138,21 @@ public:
|
|||||||
|
|
||||||
SSLProvider(std::unique_ptr<mxs::SSLContext> context);
|
SSLProvider(std::unique_ptr<mxs::SSLContext> context);
|
||||||
|
|
||||||
|
// Return true if SSL is enabled
|
||||||
|
bool enabled() const
|
||||||
|
{
|
||||||
|
return m_context.get();
|
||||||
|
}
|
||||||
|
|
||||||
// Current configuration
|
// Current configuration
|
||||||
const mxs::SSLConfig& config() const;
|
const mxs::SSLConfig& config() const;
|
||||||
|
|
||||||
// The context or nullptr if no context is set
|
// The context or nullptr if no context is set
|
||||||
mxs::SSLContext* context() const;
|
mxs::SSLContext* context() const;
|
||||||
|
|
||||||
|
// Convert to human readable string representation
|
||||||
|
std::string to_string() const;
|
||||||
|
|
||||||
// Set the context, argument must not be null
|
// Set the context, argument must not be null
|
||||||
void set_context(std::unique_ptr<mxs::SSLContext> ssl);
|
void set_context(std::unique_ptr<mxs::SSLContext> ssl);
|
||||||
|
|
||||||
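Review bot: `enabled()` in the second hunk relies on an implicit pointer-to-bool conversion, because it returns `m_context.get()` from a function declared `bool`; `return m_context != nullptr;` states the intent directly. The comment added above `to_string()` could also record that the text is built from the provider's stored configuration and that callers are expected to check `enabled()` first, for example `// Human readable description of the stored SSL configuration; call only when enabled()`. The class body starts and ends outside the visible hunks.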
|
@ -524,9 +524,9 @@ void Server::print_to_dcb(DCB* dcb) const
|
|||||||
+ server->stats.n_from_pool + 1);
|
+ server->stats.n_from_pool + 1);
|
||||||
dcb_printf(dcb, "\tPool availability: %0.2lf%%\n", d * 100.0);
|
dcb_printf(dcb, "\tPool availability: %0.2lf%%\n", d * 100.0);
|
||||||
}
|
}
|
||||||
if (server->ssl().context())
|
if (server->ssl().enabled())
|
||||||
{
|
{
|
||||||
dcb_printf(dcb, "%s", server->ssl().context()->to_string().c_str());
|
dcb_printf(dcb, "%s", server->ssl().to_string().c_str());
|
||||||
}
|
}
|
||||||
if (server->proxy_protocol)
|
if (server->proxy_protocol)
|
||||||
{
|
{
|
||||||
|
@ -358,34 +358,6 @@ bool SSLContext::init()
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
json_t* SSLContext::to_json() const
|
|
||||||
{
|
|
||||||
json_t* ssl = json_object();
|
|
||||||
const char* ssl_method = ssl_method_type_to_string(m_cfg.version);
|
|
||||||
|
|
||||||
json_object_set_new(ssl, "ssl_version", json_string(ssl_method));
|
|
||||||
json_object_set_new(ssl, "ssl_cert", json_string(m_cfg.cert.c_str()));
|
|
||||||
json_object_set_new(ssl, "ssl_ca_cert", json_string(m_cfg.ca.c_str()));
|
|
||||||
json_object_set_new(ssl, "ssl_key", json_string(m_cfg.key.c_str()));
|
|
||||||
|
|
||||||
return ssl;
|
|
||||||
}
|
|
||||||
|
|
||||||
std::string SSLContext::to_string() const
|
|
||||||
{
|
|
||||||
std::ostringstream ss;
|
|
||||||
|
|
||||||
ss << "\tSSL initialized: yes\n"
|
|
||||||
<< "\tSSL method type: " << ssl_method_type_to_string(m_cfg.version) << "\n"
|
|
||||||
<< "\tSSL certificate verification depth: " << m_cfg.verify_depth << "\n"
|
|
||||||
<< "\tSSL peer verification : " << (m_cfg.verify_peer ? "true" : "false") << "\n"
|
|
||||||
<< "\tSSL certificate: " << m_cfg.cert << "\n"
|
|
||||||
<< "\tSSL key: " << m_cfg.key << "\n"
|
|
||||||
<< "\tSSL CA certificate: " << m_cfg.ca << "\n";
|
|
||||||
|
|
||||||
return ss.str();
|
|
||||||
}
|
|
||||||
|
|
||||||
SSLContext::~SSLContext()
|
SSLContext::~SSLContext()
|
||||||
{
|
{
|
||||||
SSL_CTX_free(m_ctx);
|
SSL_CTX_free(m_ctx);
|
||||||
@ -413,4 +385,19 @@ void SSLProvider::set_context(std::unique_ptr<mxs::SSLContext> ssl)
|
|||||||
m_context = std::move(ssl);
|
m_context = std::move(ssl);
|
||||||
m_config = m_context->config();
|
m_config = m_context->config();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
std::string SSLProvider::to_string() const
|
||||||
|
{
|
||||||
|
std::ostringstream ss;
|
||||||
|
|
||||||
|
ss << "\tSSL initialized: yes\n"
|
||||||
|
<< "\tSSL method type: " << ssl_method_type_to_string(m_config.version) << "\n"
|
||||||
|
<< "\tSSL certificate verification depth: " << m_config.verify_depth << "\n"
|
||||||
|
<< "\tSSL peer verification : " << (m_config.verify_peer ? "true" : "false") << "\n"
|
||||||
|
<< "\tSSL certificate: " << m_config.cert << "\n"
|
||||||
|
<< "\tSSL key: " << m_config.key << "\n"
|
||||||
|
<< "\tSSL CA certificate: " << m_config.ca << "\n";
|
||||||
|
|
||||||
|
return ss.str();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
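Review bot: `SSLProvider::to_string()` always writes `SSL initialized: yes` and reads `m_config`, so it can be called on a provider with no context set and will then report TLS as initialized. The removed `SSLContext::to_string()` could only run on an existing context object. Both callers shown on this page check `enabled()` first, but the function should not depend on that; a guard at the top such as `if (!enabled()) return "\tSSL initialized: no\n";` keeps the diagnostic output truthful. The `SSL key:` line prints `m_config.key`, presumably a file path rather than key material; that is worth confirming, along with who is able to read this diagnostic output.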
|
@ -1477,9 +1477,11 @@ static void diagnostics(MXS_ROUTER* router, DCB* dcb)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* SSL options */
|
/* SSL options */
|
||||||
if (auto ssl = router_inst->service->dbref->server->ssl().context())
|
const auto& ssl = router_inst->service->dbref->server->ssl();
|
||||||
|
|
||||||
|
if (ssl.enabled())
|
||||||
{
|
{
|
||||||
dcb_printf(dcb, "%s", ssl->to_string().c_str());
|
dcb_printf(dcb, "%s", ssl.to_string().c_str());
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Binlog Encryption options */
|
/* Binlog Encryption options */
|
||||||
@ -1953,12 +1955,6 @@ static json_t* diagnostics_json(const MXS_ROUTER* router)
|
|||||||
min10 /= 10.0;
|
min10 /= 10.0;
|
||||||
min5 /= 5.0;
|
min5 /= 5.0;
|
||||||
|
|
||||||
/* SSL options */
|
|
||||||
if (auto ssl = router_inst->service->dbref->server->ssl().context())
|
|
||||||
{
|
|
||||||
json_object_set_new(rval, "master_ssl", ssl->to_json());
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Binlog Encryption options */
|
/* Binlog Encryption options */
|
||||||
if (router_inst->encryption.enabled)
|
if (router_inst->encryption.enabled)
|
||||||
{
|
{
|
||||||
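Review bot: The JSON diagnostics lose the `master_ssl` object in the last hunk, and no replacement for the deleted `SSLContext::to_json()` is added. The commit message describes only the `to_string` move, so this change is undocumented. Anything that reads the JSON output to check the TLS settings of the master connection will no longer find that field. If the removal is intended, say so in the commit message; otherwise add a `to_json()` to `SSLProvider` next to `to_string()` and keep the `json_object_set_new(rval, "master_ssl", ...)` call under an `enabled()` check. Both `diagnostics()` and `diagnostics_json()` continue outside the hunks.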
|