MXS-2483: Move SSL configuration into SSLConfig

This way the configuration information can be accessed without the SSLContext.
2019-05-21 10:03:40 +03:00
parent 075ad1cfb3
commit 8a4b58d52c
7 changed files with 89 additions and 83 deletions
--- a/server/modules/authenticator/PAM/PAMBackendAuth/pam_backend_auth.cc
+++ b/server/modules/authenticator/PAM/PAMBackendAuth/pam_backend_auth.cc
@ -52,7 +52,7 @@ static bool pam_backend_auth_extract(DCB* dcb, GWBUF* buffer)
 */
 static bool pam_backend_auth_connectssl(DCB* dcb)
 {
-    return dcb->server->ssl_context() != NULL;
+    return dcb->server->ssl_context();
 }

 /**
--- a/server/modules/protocol/MySQL/mysql_common.cc
+++ b/server/modules/protocol/MySQL/mysql_common.cc
@ -952,10 +952,8 @@ mxs_auth_state_t gw_send_backend_auth(DCB* dcb)
    mxs_auth_state_t rval = MXS_AUTH_STATE_FAILED;

    if (dcb->session == NULL
-        || (dcb->session->state != SESSION_STATE_CREATED
-            && dcb->session->state != SESSION_STATE_STARTED)
-        || (dcb->server->ssl_context()
-            && dcb->ssl_state == SSL_HANDSHAKE_FAILED))
+        || (dcb->session->state != SESSION_STATE_CREATED && dcb->session->state != SESSION_STATE_STARTED)
+        || (dcb->server->ssl_context() && dcb->ssl_state == SSL_HANDSHAKE_FAILED))
    {
        return rval;
    }
--- a/server/modules/routing/binlogrouter/blr_slave.cc
+++ b/server/modules/routing/binlogrouter/blr_slave.cc
@ -4850,24 +4850,26 @@ static void blr_master_get_config(ROUTER_INSTANCE* router, MasterServerConfig* c
    curr_master->password = router->password;
    curr_master->filestem = router->fileroot;
    /* SSL options */
-    if (auto server_ssl = router->service->dbref->server->ssl_context())
+    auto server_ssl = router->service->dbref->server->ssl_config();
+
+    if (!server_ssl.empty())
    {
        curr_master->ssl_enabled = router->ssl_enabled;
        if (router->ssl_version)
        {
            curr_master->ssl_version = router->ssl_version;
        }
-        if (!server_ssl->ssl_key().empty())
+        if (!server_ssl.key.empty())
        {
-            curr_master->ssl_key = server_ssl->ssl_key();
+            curr_master->ssl_key = server_ssl.key;
        }
-        if (!server_ssl->ssl_cert().empty())
+        if (!server_ssl.cert.empty())
        {
-            curr_master->ssl_cert = server_ssl->ssl_cert();
+            curr_master->ssl_cert = server_ssl.cert;
        }
-        if (!server_ssl->ssl_ca().empty())
+        if (!server_ssl.ca.empty())
        {
-            curr_master->ssl_ca = server_ssl->ssl_ca();
+            curr_master->ssl_ca = server_ssl.ca;
        }
    }
    /* Connect options */