You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by sh...@apache.org on 2015/04/28 22:24:06 UTC

trafficserver git commit: TS-3554: Had to rearrange functions so the test_certlookup program would link with additional release method.

Repository: trafficserver
Updated Branches:
  refs/heads/master 966353bc9 -> 29d72d393


TS-3554: Had to rearrange functions so the test_certlookup program would link with additional release method.


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/29d72d39
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/29d72d39
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/29d72d39

Branch: refs/heads/master
Commit: 29d72d393aa31950a173e43c26f0798efdc77127
Parents: 966353b
Author: shinrich <sh...@yahoo-inc.com>
Authored: Tue Apr 28 15:21:58 2015 -0500
Committer: shinrich <sh...@yahoo-inc.com>
Committed: Tue Apr 28 15:23:54 2015 -0500

----------------------------------------------------------------------
 iocore/net/P_SSLCertLookup.h |  3 +++
 iocore/net/SSLCertLookup.cc  | 39 ++++++++++++++++++++++++++++++++++++++
 iocore/net/SSLUtils.cc       | 40 +--------------------------------------
 3 files changed, 43 insertions(+), 39 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/29d72d39/iocore/net/P_SSLCertLookup.h
----------------------------------------------------------------------
diff --git a/iocore/net/P_SSLCertLookup.h b/iocore/net/P_SSLCertLookup.h
index ebac339..b3591ec 100644
--- a/iocore/net/P_SSLCertLookup.h
+++ b/iocore/net/P_SSLCertLookup.h
@@ -109,4 +109,7 @@ struct SSLCertLookup : public ConfigInfo {
   virtual ~SSLCertLookup();
 };
 
+void ticket_block_free(void *ptr);
+ssl_ticket_key_block *ticket_block_alloc(unsigned count);
+
 #endif /* __P_SSLCERTLOOKUP_H__ */

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/29d72d39/iocore/net/SSLCertLookup.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLCertLookup.cc b/iocore/net/SSLCertLookup.cc
index 2e40208..071b2db 100644
--- a/iocore/net/SSLCertLookup.cc
+++ b/iocore/net/SSLCertLookup.cc
@@ -133,6 +133,45 @@ private:
   int store(SSLCertContext const &cc);
 };
 
+// Zero out and free the heap space allocated for ticket keys to avoid leaking secrets.
+// The first several bytes stores the number of keys and the rest stores the ticket keys.
+void
+ticket_block_free(void *ptr)
+{
+  if (ptr) {
+    ssl_ticket_key_block *key_block_ptr = (ssl_ticket_key_block *)ptr;
+    unsigned num_ticket_keys = key_block_ptr->num_keys;
+    memset(ptr, 0, sizeof(ssl_ticket_key_block) + num_ticket_keys * sizeof(ssl_ticket_key_t));
+  }
+  ats_free(ptr);
+}
+
+ssl_ticket_key_block *
+ticket_block_alloc(unsigned count)
+{
+  ssl_ticket_key_block *ptr;
+  size_t nbytes = sizeof(ssl_ticket_key_block) + count * sizeof(ssl_ticket_key_t);
+
+  ptr = (ssl_ticket_key_block *)ats_malloc(nbytes);
+  memset(ptr, 0, nbytes);
+  ptr->num_keys = count;
+
+  return ptr;
+}
+
+void 
+SSLCertContext::release()
+{
+  if (keyblock) {
+    ticket_block_free(keyblock);
+    keyblock = NULL;
+  }
+  if (ctx) {
+    SSL_CTX_free(ctx);
+    ctx = NULL;
+  }
+}
+
 SSLCertLookup::SSLCertLookup() : ssl_storage(new SSLContextStorage()), ssl_default(NULL), is_valid(true)
 {
 }

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/29d72d39/iocore/net/SSLUtils.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index 64d98e8..76727c5 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -116,47 +116,9 @@ static int ssl_callback_session_ticket(SSL *, unsigned char *, unsigned char *,
 
 #if HAVE_OPENSSL_SESSION_TICKETS
 static int ssl_session_ticket_index = -1;
+#endif
 
 
-// Zero out and free the heap space allocated for ticket keys to avoid leaking secrets.
-// The first several bytes stores the number of keys and the rest stores the ticket keys.
-static void
-ticket_block_free(void *ptr)
-{
-  if (ptr) {
-    ssl_ticket_key_block *key_block_ptr = (ssl_ticket_key_block *)ptr;
-    unsigned num_ticket_keys = key_block_ptr->num_keys;
-    memset(ptr, 0, sizeof(ssl_ticket_key_block) + num_ticket_keys * sizeof(ssl_ticket_key_t));
-  }
-  ats_free(ptr);
-}
-
-void SSLCertContext::release()
-{
-  if (keyblock) {
-    ticket_block_free(keyblock);
-    keyblock = NULL;
-  }
-  if (ctx) {
-    SSL_CTX_free(ctx);
-    ctx = NULL;
-  }
-}
-
-static ssl_ticket_key_block *
-ticket_block_alloc(unsigned count)
-{
-  ssl_ticket_key_block *ptr;
-  size_t nbytes = sizeof(ssl_ticket_key_block) + count * sizeof(ssl_ticket_key_t);
-
-  ptr = (ssl_ticket_key_block *)ats_malloc(nbytes);
-  memset(ptr, 0, nbytes);
-  ptr->num_keys = count;
-
-  return ptr;
-}
-
-#endif
 static pthread_mutex_t *mutex_buf = NULL;
 static bool open_ssl_initialized = false;