Skip to content

Use std::unique_ptr for X509 and BIO scoped heap objects. #8954

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ywkaras merged 1 commit into from
Jul 12, 2022
Merged

Use std::unique_ptr for X509 and BIO scoped heap objects. #8954

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions iocore/net/OCSPStapling.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -254,13 +254,13 @@ ssl_stapling_init_cert(SSL_CTX *ctx, X509 *cert, const char *certname, const cha
#endif
}

issuer = stapling_get_issuer(ctx, cert);
if (issuer == nullptr) {
issuer.reset(stapling_get_issuer(ctx, cert));
if (issuer.get() == nullptr) {
Note("cannot get issuer certificate from %s", certname);
goto err;
}

cinf->cid = OCSP_cert_to_id(nullptr, cert, issuer);
cinf->cid = OCSP_cert_to_id(nullptr, cert, issuer.get());
if (!cinf->cid) {
goto err;
}
Expand Down
47 changes: 13 additions & 34 deletions iocore/net/P_SSLUtils.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@

#include <map>
#include <set>
#include <memory>

struct SSLConfigParams;
class SSLNetVConnection;
Expand Down Expand Up @@ -169,45 +170,23 @@ namespace ssl
{
namespace detail
{
struct SCOPED_X509_TRAITS {
typedef X509 *value_type;
static value_type
initValue()
struct X509Deleter {
void
operator()(X509 *p)
{
return nullptr;
}
static bool
isValid(value_type x)
{
return x != nullptr;
}
static void
destroy(value_type x)
{
X509_free(x);
X509_free(p);
}
};

struct SCOPED_BIO_TRAITS {
typedef BIO *value_type;
static value_type
initValue()
struct BIODeleter {
void
operator()(BIO *p)
{
return nullptr;
}
static bool
isValid(value_type x)
{
return x != nullptr;
}
static void
destroy(value_type x)
{
BIO_free(x);
BIO_free(p);
}
};
/* namespace ssl */ // namespace detail
} /* namespace detail */

} // namespace detail
} // namespace ssl

struct ats_wildcard_matcher {
Expand All @@ -229,5 +208,5 @@ struct ats_wildcard_matcher {
DFA regex;
};

typedef ats_scoped_resource<ssl::detail::SCOPED_X509_TRAITS> scoped_X509;
typedef ats_scoped_resource<ssl::detail::SCOPED_BIO_TRAITS> scoped_BIO;
using scoped_X509 = std::unique_ptr<X509, ssl::detail::X509Deleter>;
using scoped_BIO = std::unique_ptr<BIO, ssl::detail::BIODeleter>;
4 changes: 2 additions & 2 deletions iocore/net/SSLUtils.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -171,7 +171,7 @@ static bool
SSL_CTX_add_extra_chain_cert_file(SSL_CTX *ctx, const char *chainfile)
{
scoped_BIO bio(BIO_new_file(chainfile, "r"));
return SSL_CTX_add_extra_chain_cert_bio(ctx, bio);
return SSL_CTX_add_extra_chain_cert_bio(ctx, bio.get());
}

static SSL_SESSION *
Expand Down Expand Up @@ -2442,7 +2442,7 @@ SSLMultiCertConfigLoader::load_certs(SSL_CTX *ctx, const std::vector<std::string
}

// Load up any additional chain certificates
if (!SSL_CTX_add_extra_chain_cert_bio(ctx, bio)) {
if (!SSL_CTX_add_extra_chain_cert_bio(ctx, bio.get())) {
Debug("ssl", "couldn't add chain to %p", ctx);
}

Expand Down