You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@trafficserver.apache.org by Igor Galić <i....@brainsware.org> on 2012/04/08 19:19:06 UTC
Re: [7/7] git commit: TS-1147: Remove SSLNetProcessor::initSSL()
----- Original Message -----
> TS-1147: Remove SSLNetProcessor::initSSL()
>
>
> Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
> Commit:
> http://git-wip-us.apache.org/repos/asf/trafficserver/commit/e7d57849
> Tree:
> http://git-wip-us.apache.org/repos/asf/trafficserver/tree/e7d57849
> Diff:
> http://git-wip-us.apache.org/repos/asf/trafficserver/diff/e7d57849
>
> Branch: refs/heads/master
> Commit: e7d57849df051436d2f13b529d14c0bfe6091d46
> Parents: 8fd5523
> Author: James Peach <jp...@apache.org>
> Authored: Fri Mar 30 21:55:08 2012 -0700
> Committer: James Peach <jp...@apache.org>
> Committed: Fri Apr 6 21:19:42 2012 -0700
>
> ----------------------------------------------------------------------
> iocore/net/P_SSLNetProcessor.h | 1 -
> iocore/net/SSLNetProcessor.cc | 27 ++-------------------------
> 2 files changed, 2 insertions(+), 26 deletions(-)
> ----------------------------------------------------------------------
>
>
> http://git-wip-us.apache.org/repos/asf/trafficserver/blob/e7d57849/iocore/net/P_SSLNetProcessor.h
> ----------------------------------------------------------------------
> diff --git a/iocore/net/P_SSLNetProcessor.h
> b/iocore/net/P_SSLNetProcessor.h
> index a3156a3..fdfb2bc 100644
> --- a/iocore/net/P_SSLNetProcessor.h
> +++ b/iocore/net/P_SSLNetProcessor.h
> @@ -62,7 +62,6 @@ public:
>
> void cleanup(void);
> int reconfigure();
> - int initSSL(const SslConfigParams * param);
> int initSSLClient(const SslConfigParams * param);
>
> int initSSLServerCTX(SSL_CTX * ctx,
>
> http://git-wip-us.apache.org/repos/asf/trafficserver/blob/e7d57849/iocore/net/SSLNetProcessor.cc
> ----------------------------------------------------------------------
> diff --git a/iocore/net/SSLNetProcessor.cc
> b/iocore/net/SSLNetProcessor.cc
> index dc8a832..eef1967 100644
> --- a/iocore/net/SSLNetProcessor.cc
> +++ b/iocore/net/SSLNetProcessor.cc
> @@ -141,13 +141,9 @@ SSLNetProcessor::reconfigure(void)
>
> if (HttpProxyPort::hasSSL()) {
> // Only init server stuff if SSL is enabled in the config file
> - err = initSSL(param);
> - if (err == 0) {
> - sslCertLookup.init(param);
> - } else {
> - logSSLError("Can't initialize the SSL library, disabling SSL
> termination!");
> - }
> + sslCertLookup.init(param);
> }
> +
> // Enable client regardless of config file setttings as remap file
> // can cause HTTP layer to connect using SSL. But only if SSL
> // initialization hasn't failed already.
> @@ -216,25 +212,6 @@ SSLNetProcessor::logSSLError(const char *errStr,
> int critical)
> }
>
> int
> -SSLNetProcessor::initSSL(const SslConfigParams * param)
> -{
> - ink_ssl_method_t meth = NULL;
> -
> - // Note that we do not call RAND_seed() explicitly here, we depend
> on OpenSSL
> - // to do the seeding of the PRNG for us. This is the case for all
> platforms that
> - // has /dev/urandom for example.
> -
> - meth = SSLv23_server_method();
> - ctx = SSL_CTX_new(meth);
> - if (!ctx) {
> - logSSLError("Cannot create new server contex.");
> - return (-1);
> - }
> -
> - return initSSLServerCTX(ctx, param, param->serverCertPath,
> param->serverCertChainPath, param->serverKeyPath, true);
> -}
> -
> -int
> SSLNetProcessor::initSSLServerCTX(SSL_CTX * lCtx, const
> SslConfigParams * param,
> const char *serverCertPtr, const char *serverCaCertPtr,
> const char *serverKeyPtr, bool defaultEnabled)
>
>
https://cwiki.apache.org/confluence/display/TS/Coding+Style
--
Igor Galić
Tel: +43 (0) 664 886 22 883
Mail: i.galic@brainsware.org
URL: http://brainsware.org/
GPG: 6880 4155 74BD FD7C B515 2EA5 4B1D 9E08 A097 C9AE