0
0
Fork 0
mirror of https://github.com/matrix-construct/construct synced 2024-11-18 07:50:57 +01:00

sslproc: use global ServerInfo configuration

There's no need to pass information around that sslproc already has access
to, so use ServerInfo directly. Remove the extra NULL checks as these are
already performed before setting ircd_ssl_ok = true.
This commit is contained in:
Simon Arlott 2016-04-25 19:20:45 +01:00
parent 90fd6ede1b
commit f7b0c4b3d8
No known key found for this signature in database
GPG key ID: C8975F2043CA5D24
3 changed files with 24 additions and 30 deletions

View file

@ -33,11 +33,11 @@ enum ssld_status {
void init_ssld(void);
void restart_ssld(void);
int start_ssldaemon(int count, const char *ssl_cert, const char *ssl_private_key, const char *ssl_dh_params, const char *ssl_cipher_list);
int start_ssldaemon(int count);
ssl_ctl_t *start_ssld_accept(rb_fde_t *sslF, rb_fde_t *plainF, uint32_t id);
ssl_ctl_t *start_ssld_connect(rb_fde_t *sslF, rb_fde_t *plainF, uint32_t id);
void start_zlib_session(void *data);
void send_new_ssl_certs(const char *ssl_cert, const char *ssl_private_key, const char *ssl_dh_params, const char *ssl_cipher_list);
void ssld_update_config(void);
void ssld_decrement_clicount(ssl_ctl_t *ctl);
int get_ssld_count(void);
void ssld_foreach_info(void (*func)(void *data, pid_t pid, int cli_count, enum ssld_status status, const char *version), void *data);

View file

@ -869,14 +869,14 @@ validate_conf(void)
ircd_ssl_ok = false;
} else {
ircd_ssl_ok = true;
send_new_ssl_certs(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params, ServerInfo.ssl_cipher_list);
ssld_update_config();
}
if(ServerInfo.ssld_count > get_ssld_count())
{
int start = ServerInfo.ssld_count - get_ssld_count();
/* start up additional ssld if needed */
start_ssldaemon(start, ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params, ServerInfo.ssl_cipher_list);
start_ssldaemon(start);
}
if(ServerInfo.wsockd_count > get_wsockd_count())

View file

@ -69,9 +69,7 @@ struct _ssl_ctl
char version[256];
};
static void send_new_ssl_certs_one(ssl_ctl_t * ctl, const char *ssl_cert,
const char *ssl_private_key, const char *ssl_dh_params,
const char *ssl_cipher_list);
static void send_new_ssl_certs_one(ssl_ctl_t * ctl);
static void send_certfp_method(ssl_ctl_t *ctl, int method);
@ -171,7 +169,7 @@ restart_ssld(void)
}
}
start_ssldaemon(ServerInfo.ssld_count, ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params, ServerInfo.ssl_cipher_list);
start_ssldaemon(ServerInfo.ssld_count);
}
static void
@ -207,7 +205,7 @@ ssl_dead(ssl_ctl_t * ctl)
ssld_count--;
ilog(L_MAIN, "ssld helper died - attempting to restart");
sendto_realops_snomask(SNO_GENERAL, L_ALL, "ssld helper died - attempting to restart");
start_ssldaemon(1, ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params, ServerInfo.ssl_cipher_list);
start_ssldaemon(1);
}
}
@ -236,12 +234,12 @@ restart_ssld_event(void *unused)
int start = ServerInfo.ssld_count - get_ssld_count();
ilog(L_MAIN, "Attempting to restart ssld processes");
sendto_realops_snomask(SNO_GENERAL, L_ALL, "Attempt to restart ssld processes");
start_ssldaemon(start, ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params, ServerInfo.ssl_cipher_list);
start_ssldaemon(start);
}
}
int
start_ssldaemon(int count, const char *ssl_cert, const char *ssl_private_key, const char *ssl_dh_params, const char *ssl_cipher_list)
start_ssldaemon(int count)
{
rb_fde_t *F1, *F2;
rb_fde_t *P1, *P2;
@ -341,10 +339,8 @@ start_ssldaemon(int count, const char *ssl_cert, const char *ssl_private_key, co
if(ircd_ssl_ok)
{
send_certfp_method(ctl, ConfigFileEntry.certfp_method);
send_new_ssl_certs_one(ctl);
if(ssl_cert != NULL && ssl_private_key != NULL)
send_new_ssl_certs_one(ctl, ssl_cert, ssl_private_key,
ssl_dh_params, ssl_cipher_list);
}
ssl_read_ctl(ctl->F, ctl);
ssl_do_pipe(P2, ctl);
@ -699,15 +695,15 @@ ssl_cmd_write_queue(ssl_ctl_t * ctl, rb_fde_t ** F, int count, const void *buf,
static void
send_new_ssl_certs_one(ssl_ctl_t * ctl, const char *ssl_cert, const char *ssl_private_key, const char *ssl_dh_params, const char *ssl_cipher_list)
send_new_ssl_certs_one(ssl_ctl_t * ctl)
{
size_t len;
len = strlen(ssl_cert) + strlen(ssl_private_key) + 5;
if(ssl_dh_params)
len += strlen(ssl_dh_params);
if(ssl_cipher_list)
len += strlen(ssl_cipher_list);
len = strlen(ServerInfo.ssl_cert) + strlen(ServerInfo.ssl_private_key) + 5;
if(ServerInfo.ssl_dh_params)
len += strlen(ServerInfo.ssl_dh_params);
if(ServerInfo.ssl_cipher_list)
len += strlen(ServerInfo.ssl_cipher_list);
if(len > sizeof(tmpbuf))
{
sendto_realops_snomask(SNO_GENERAL, L_ALL,
@ -718,9 +714,11 @@ send_new_ssl_certs_one(ssl_ctl_t * ctl, const char *ssl_cert, const char *ssl_pr
len, sizeof(tmpbuf));
return;
}
len = snprintf(tmpbuf, sizeof(tmpbuf), "K%c%s%c%s%c%s%c%s%c", nul, ssl_cert, nul,
ssl_private_key, nul, ssl_dh_params != NULL ? ssl_dh_params : "", nul,
ssl_cipher_list != NULL ? ssl_cipher_list : "", nul);
len = snprintf(tmpbuf, sizeof(tmpbuf), "K%c%s%c%s%c%s%c%s%c", nul,
ServerInfo.ssl_cert, nul,
ServerInfo.ssl_private_key, nul,
ServerInfo.ssl_dh_params != NULL ? ServerInfo.ssl_dh_params : "", nul,
ServerInfo.ssl_cipher_list != NULL ? ServerInfo.ssl_cipher_list : "", nul);
ssl_cmd_write_queue(ctl, NULL, 0, tmpbuf, len);
}
@ -735,18 +733,14 @@ send_certfp_method(ssl_ctl_t *ctl, int method)
}
void
send_new_ssl_certs(const char *ssl_cert, const char *ssl_private_key, const char *ssl_dh_params, const char *ssl_cipher_list)
ssld_update_config(void)
{
rb_dlink_node *ptr;
if(ssl_cert == NULL || ssl_private_key == NULL || ssl_dh_params == NULL)
{
ircd_ssl_ok = false;
return;
}
RB_DLINK_FOREACH(ptr, ssl_daemons.head)
{
ssl_ctl_t *ctl = ptr->data;
send_new_ssl_certs_one(ctl, ssl_cert, ssl_private_key, ssl_dh_params, ssl_cipher_list);
send_new_ssl_certs_one(ctl);
}
}