From 859e9304666fe14c1b7ba285c55a065665e39ae6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= <markus.makela@mariadb.com>
Date: Fri, 24 May 2019 13:11:24 +0300
Subject: [PATCH] MXS-2486: Make SSL configurations immutable

Changes to SSL configurations is expected to be rare which allows them to
be made into immutable objects once created. This is an acceptable
compromise between performance and usability.
---
 include/maxscale/ssl.hh | 13 +++++++++----
 server/core/ssl.cc      | 10 ++++------
 2 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/include/maxscale/ssl.hh b/include/maxscale/ssl.hh
index 76cbc74b6..e9a7b4b9b 100644
--- a/include/maxscale/ssl.hh
+++ b/include/maxscale/ssl.hh
@@ -151,12 +151,17 @@ public:
 
     SSLProvider(std::unique_ptr<mxs::SSLContext> context);
 
+    // Current configuration
     const mxs::SSLConfig& config() const;
-    mxs::SSLContext*      context() const;
-    void                  set_context(std::unique_ptr<mxs::SSLContext> ssl);
+
+    // The context or nullptr if no context is set
+    mxs::SSLContext* context() const;
+
+    // Set the context, argument must not be null
+    void set_context(std::unique_ptr<mxs::SSLContext> ssl);
 
 private:
-    mxs::rworker_local<std::shared_ptr<mxs::SSLContext>> m_context;     /**< SSL context */
-    mxs::SSLConfig                                       m_config;      /**< SSL configuration */
+    std::unique_ptr<mxs::SSLContext> m_context;     /**< SSL context */
+    mxs::SSLConfig                   m_config;      /**< SSL configuration */
 };
 }
diff --git a/server/core/ssl.cc b/server/core/ssl.cc
index c8f55badf..6d000338d 100644
--- a/server/core/ssl.cc
+++ b/server/core/ssl.cc
@@ -422,7 +422,7 @@ SSLProvider::SSLProvider(std::unique_ptr<mxs::SSLContext> context)
 mxs::SSLContext* SSLProvider::context() const
 {
     mxb_assert_message(mxs::RoutingWorker::get_current(), "Must be used on a RoutingWorker");
-    return m_context->get();
+    return m_context.get();
 }
 
 const mxs::SSLConfig& SSLProvider::config() const
@@ -432,10 +432,8 @@ const mxs::SSLConfig& SSLProvider::config() const
 
 void SSLProvider::set_context(std::unique_ptr<mxs::SSLContext> ssl)
 {
-    mxb_assert_message(mxs::RoutingWorker::get_current()
-                       == mxs::RoutingWorker::get(mxs::RoutingWorker::MAIN),
-                       "Must be only set on the main RoutingWorker");
-    m_config = ssl ? ssl->config() : mxs::SSLConfig {};
-    m_context.assign(std::move(ssl));
+    mxb_assert(ssl);
+    m_context = std::move(ssl);
+    m_config = m_context->config();
 }
 }