commit 23d61c00b9b91cb1f41adefa3b63d2702ad3f750
author William Lallemand <wlallemand@haproxy.com> Mon Mar 30 18:27:58 2020 +0200
committer William Lallemand <wlallemand@haproxy.org> Tue Mar 31 12:32:17 2020 +0200
tree 2e19928f9a44d6c9744900a218c6981ae3cb070b
parent 09bd5a07872a56678f3e152ed4d627159bb917a7

MINOR: ssl: add a list of crtlist_entry in ckch_store

When updating a ckch_store we may want to update its pointer in the
crtlist_entry which use it. To do this, we need the list of the entries
using the store.

include/types/ssl_sock.h

diff --git a/include/types/ssl_sock.h b/include/types/ssl_sock.h
index 2f366fc..9f3e93a 100644
--- a/include/types/ssl_sock.h
+++ b/include/types/ssl_sock.h
@@ -123,6 +123,7 @@
 	struct cert_key_and_chain *ckch;
 	unsigned int multi:1;  /* is it a multi-cert bundle ? */
 	struct list ckch_inst; /* list of ckch_inst which uses this ckch_node */
+	struct list crtlist_entry; /* list of entries which use this store */
 	struct ebmb_node node;
 	char path[0];
 };
@@ -168,6 +169,7 @@
 	char **filters;
 	struct list ckch_inst; /* list of instances of this entry, there is 1 ckch_inst per instance of the crt-list */
 	struct list by_crtlist; /* ordered entries */
+	struct list by_ckch_store; /* linked in ckch_store list of crtlist_entries */
 	struct ebpt_node node; /* key is a ptr to a ckch_store */
 };
 

src/ssl_sock.c

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index f799ca8..39e6315 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3781,6 +3781,7 @@
 	memcpy(dst->path, src->path, pathlen + 1);
 	dst->multi = src->multi;
 	LIST_INIT(&dst->ckch_inst);
+	LIST_INIT(&dst->crtlist_entry);
 
 	dst->ckch = calloc((src->multi ? SSL_SOCK_NUM_KEYTYPES : 1), sizeof(*dst->ckch));
 	if (!dst->ckch)
@@ -3845,6 +3846,7 @@
 	}
 
 	LIST_INIT(&ckchs->ckch_inst);
+	LIST_INIT(&ckchs->crtlist_entry);
 
 	if (!multi) {
 
@@ -4643,6 +4645,7 @@
 						goto end;
 					}
 					entry->node.key = ckchs;
+					LIST_ADDQ(&ckchs->crtlist_entry, &entry->by_ckch_store);
 					LIST_ADDQ(&dir->ord_entries, &entry->by_crtlist);
 					ebpt_insert(&dir->entries, &entry->node);
 
@@ -4662,6 +4665,7 @@
 				goto end;
 			}
 			entry->node.key = ckchs;
+			LIST_ADDQ(&ckchs->crtlist_entry, &entry->by_ckch_store);
 			LIST_ADDQ(&dir->ord_entries, &entry->by_crtlist);
 			ebpt_insert(&dir->entries, &entry->node);
 
@@ -4860,6 +4864,7 @@
 		entry->fcount = arg - cur_arg - 1;
 		ebpt_insert(&newlist->entries, &entry->node);
 		LIST_ADDQ(&newlist->ord_entries, &entry->by_crtlist);
+		LIST_ADDQ(&ckchs->crtlist_entry, &entry->by_ckch_store);
 	}
 	if (cfgerr & ERR_CODE)
 		goto error;
@@ -12023,6 +12028,7 @@
 	}
 	/* we won't create any instance */
 	LIST_INIT(&store->ckch_inst);
+	LIST_INIT(&store->crtlist_entry);
 
 	/* we won't support multi-certificate bundle here */
 	store->multi = 0;