MXS-2483: Take SSLProvider into use

Servers and listeners now have an SSLProvider member variable that is used
for all SSL-related tasks.
Markus Mäkelä
2019-05-21 11:29:26 +03:00
parent cb72b2a5cc
commit 3af66f3309
14 changed files with 44 additions and 53 deletions


@ -434,7 +434,7 @@ bool runtime_enable_server_ssl(Server* server,
{
bool rval = false;
if (server->ssl_context())
if (server->ssl().context())
{
config_runtime_error("Server '%s' already configured to use SSL.", server->name());
}
@ -446,7 +446,7 @@ bool runtime_enable_server_ssl(Server* server,
if (ssl)
{
server->set_ssl_context(std::move(ssl));
server->ssl().set_context(std::move(ssl));
if (server->serialize())
{
@ -1903,7 +1903,7 @@ static bool validate_ssl_json(json_t* params, object_type type)
static bool process_ssl_parameters(Server* server, json_t* params)
{
mxb_assert(server->ssl_context() == NULL);
mxb_assert(server->ssl().context() == NULL);
bool rval = true;
if (have_ssl_json(params))
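Review bot: In the second hunk of runtime_enable_server_ssl, `server->ssl().set_context(std::move(ssl))` takes effect on the running server before `server->serialize()` is known to have succeeded. If serialization fails and nothing after the hunk undoes the change, the server would use TLS until restart and then be recreated from a persisted configuration that lacks it, which is easy to miss. I would at least document this at the call, e.g. `// Context is live from here; a failed serialize() leaves runtime and persisted TLS settings out of sync`, or log it in the failure branch. The function continues outside the hunk, so a rollback may already exist there.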


@ -2150,8 +2150,8 @@ static int dcb_create_SSL(DCB* dcb, mxs::SSLContext* ssl)
*/
int dcb_accept_SSL(DCB* dcb)
{
if (!dcb->session->listener->ssl_context()
|| (!dcb->ssl && dcb_create_SSL(dcb, dcb->session->listener->ssl_context()) != 0))
if (!dcb->session->listener->ssl().context()
|| (!dcb->ssl && dcb_create_SSL(dcb, dcb->session->listener->ssl().context()) != 0))
{
return -1;
}
@ -2227,10 +2227,10 @@ int dcb_connect_SSL(DCB* dcb)
int ssl_rval;
int return_code;
if ((NULL == dcb->server || NULL == dcb->server->ssl_context())
|| (NULL == dcb->ssl && dcb_create_SSL(dcb, dcb->server->ssl_context()) != 0))
if ((NULL == dcb->server || NULL == dcb->server->ssl().context())
|| (NULL == dcb->ssl && dcb_create_SSL(dcb, dcb->server->ssl().context()) != 0))
{
mxb_assert((NULL != dcb->server) && (NULL != dcb->server->ssl_context()));
mxb_assert((NULL != dcb->server) && (NULL != dcb->server->ssl().context()));
return -1;
}
dcb->ssl_state = SSL_HANDSHAKE_REQUIRED;
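Review bot: In both dcb_accept_SSL and dcb_connect_SSL the new code calls `ssl().context()` once for the null check and again for the argument to dcb_create_SSL, so the pointer that was tested is not necessarily the one that is used. runtime_enable_server_ssl in this commit installs a context on an existing server, so if that can run while connections are being set up, reading the pointer once makes the check and the use agree: `mxs::SSLContext* ctx = dcb->session->listener->ssl().context();` followed by `if (!ctx || (!dcb->ssl && dcb_create_SSL(dcb, ctx) != 0))`, and the same shape in dcb_connect_SSL. Whether SSLProvider synchronises set_context against concurrent readers is not visible on this page. Both function bodies continue outside their hunks.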


@ -116,12 +116,12 @@ Listener::Listener(SERVICE* service,
, m_authenticator(authenticator)
, m_auth_options(auth_opts)
, m_auth_instance(auth_instance)
, m_ssl_context(std::move(ssl))
, m_users(nullptr)
, m_service(service)
, m_proto_func(*(MXS_PROTOCOL*)load_module(protocol.c_str(), MODULE_PROTOCOL))
, m_auth_func(*(MXS_AUTHENTICATOR*)load_module(authenticator.c_str(), MODULE_AUTHENTICATOR))
, m_params(params)
, m_ssl_provider(std::move(ssl))
{
if (strcasecmp(service->router_name(), "cli") == 0 || strcasecmp(service->router_name(), "maxinfo") == 0)
{
@ -476,9 +476,9 @@ bool Listener::create_listener_config(const char* filename)
dprintf(file, "authenticator_options=%s\n", m_auth_options.c_str());
}
if (m_ssl_context)
if (ssl().context())
{
dprintf(file, "%s", m_ssl_context->serialize().c_str());
dprintf(file, "%s", ssl().context()->serialize().c_str());
}
::close(file);
@ -606,11 +606,6 @@ void* Listener::auth_instance() const
return m_auth_instance;
}
mxs::SSLContext* Listener::ssl_context() const
{
return m_ssl_context.get();
}
const char* Listener::state() const
{
switch (m_state)
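Review bot: In Listener::create_listener_config the return value of `dprintf(file, "%s", ssl().context()->serialize().c_str());` is ignored and `::close(file)` follows directly, so a short or failed write of the SSL section goes unnoticed. If the resulting file is later loaded as-is, the listener could presumably be recreated without its TLS settings. Checking the result, e.g. `if (dprintf(file, "%s", ssl().context()->serialize().c_str()) < 0)`, and reporting failure from the function would keep a truncated file from being treated as valid. The function starts and ends outside the hunk, so how the file is opened and finalised is not visible here.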


@ -155,7 +155,7 @@ char* mxs_lestr_consume(uint8_t** c, size_t* size)
MYSQL* mxs_mysql_real_connect(MYSQL* con, SERVER* server, const char* user, const char* passwd)
{
auto ssl = server->ssl_config();
auto ssl = server->ssl().config();
if (!ssl.empty())
{


@ -524,9 +524,9 @@ void Server::print_to_dcb(DCB* dcb) const
+ server->stats.n_from_pool + 1);
dcb_printf(dcb, "\tPool availability: %0.2lf%%\n", d * 100.0);
}
if (server->ssl_context())
if (server->ssl().context())
{
dcb_printf(dcb, "%s", server->ssl_context()->to_string().c_str());
dcb_printf(dcb, "%s", server->ssl().context()->to_string().c_str());
}
if (server->proxy_protocol)
{