hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MXS-2483: Take SSLProvider into use

Browse Source 
Servers and listeners now have a SSLProvider member variable that is used
for all SSL related tasks.
This commit is contained in:
Markus Mäkelä
2019-05-21 11:29:26 +03:00
parent cb72b2a5cc
commit 3af66f3309
14 changed files with 44 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
server/modules/protocol/MySQL/mariadbclient/mysql_client.cc
View File

@ -242,7 +242,7 @@ std::string get_version_string(SERVICE* service)
bool ssl_required_by_dcb(DCB* dcb)
{
mxb_assert(dcb->session->listener);
return dcb->session->listener->ssl_context();
return dcb->session->listener->ssl().context();
}
/**
@ -716,7 +716,7 @@ static void check_packet(DCB* dcb, GWBUF* buf, int bytes)
if (bytes == MYSQL_AUTH_PACKET_BASE_SIZE)
{
/** This is an SSL request packet */
mxb_assert(dcb->session->listener->ssl_context());
mxb_assert(dcb->session->listener->ssl().context());
mxb_assert(buflen == bytes && pktlen >= buflen);
}
else
@ -743,7 +743,7 @@ bool ssl_is_connection_healthy(DCB* dcb)
* then everything is as we wish. Otherwise, either there is a problem or
* more to be done.
*/
return !dcb->session->listener->ssl_context() || dcb->ssl_state == SSL_ESTABLISHED;
return !dcb->session->listener->ssl().context() || dcb->ssl_state == SSL_ESTABLISHED;
}
/* Looks to be redundant - can remove include for ioctl too */
@ -786,7 +786,7 @@ int ssl_authenticate_client(DCB* dcb, bool is_capable)
const char* remote = dcb->remote ? dcb->remote : "";
const char* service = (dcb->service && dcb->service->name()) ? dcb->service->name() : "";
if (!dcb->session->listener->ssl_context())
if (!dcb->session->listener->ssl().context())
{
/* Not an SSL connection on account of listener configuration */
return SSL_AUTH_CHECKS_OK;

4
server/modules/protocol/MySQL/mysql_common.cc
View File

@ -953,12 +953,12 @@ mxs_auth_state_t gw_send_backend_auth(DCB* dcb)
if (dcb->session == NULL
|| (dcb->session->state != SESSION_STATE_CREATED && dcb->session->state != SESSION_STATE_STARTED)
|| (dcb->server->ssl_context() && dcb->ssl_state == SSL_HANDSHAKE_FAILED))
|| (dcb->server->ssl().context() && dcb->ssl_state == SSL_HANDSHAKE_FAILED))
{
return rval;
}
bool with_ssl = dcb->server->ssl_context();
bool with_ssl = dcb->server->ssl().context();
bool ssl_established = dcb->ssl_state == SSL_ESTABLISHED;
MYSQL_session client;