technocloud-public/nginx-unit
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Certificates: moved SAN processing to a separate function.

Browse Source 
No functional changes.
This commit is contained in:
Valentin Bartenev
2021-03-24 16:38:05 +03:00
parent f18a41c84b
commit a6c6dcf5f7
1 changed files with 58 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
src/nxt_cert.c
View File

@@ -46,6 +46,8 @@ static int nxt_nxt_cert_pem_suffix(char *pem_str, const char *suffix);
static nxt_conf_value_t *nxt_cert_details(nxt_mp_t *mp, nxt_cert_t *cert); static nxt_conf_value_t *nxt_cert_details(nxt_mp_t *mp, nxt_cert_t *cert);
static nxt_conf_value_t *nxt_cert_name_details(nxt_mp_t *mp, X509 *x509, static nxt_conf_value_t *nxt_cert_name_details(nxt_mp_t *mp, X509 *x509,
nxt_bool_t issuer); nxt_bool_t issuer);
static nxt_conf_value_t *nxt_cert_alt_names_details(nxt_mp_t *mp,
STACK_OF(GENERAL_NAME) *alt_names);
static nxt_lvlhsh_t nxt_cert_info; static nxt_lvlhsh_t nxt_cert_info;
@@ -654,7 +656,6 @@ nxt_cert_name_details(nxt_mp_t *mp, X509 *x509, nxt_bool_t issuer)
nxt_str_t str; nxt_str_t str;
nxt_int_t ret; nxt_int_t ret;
nxt_uint_t i, n, count; nxt_uint_t i, n, count;
GENERAL_NAME *name;
nxt_conf_value_t *object, *names; nxt_conf_value_t *object, *names;
STACK_OF(GENERAL_NAME) *alt_names; STACK_OF(GENERAL_NAME) *alt_names;
u_char buf[256]; u_char buf[256];
@@ -721,6 +722,38 @@ nxt_cert_name_details(nxt_mp_t *mp, X509 *x509, nxt_bool_t issuer)
} }
if (alt_names != NULL) { if (alt_names != NULL) {
names = nxt_cert_alt_names_details(mp, alt_names);
sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
if (nxt_slow_path(names == NULL)) {
return NULL;
}
nxt_conf_set_member(object, &alt_names_str, names, 1);
}
return object;
fail:
if (alt_names != NULL) {
sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
}
return NULL;
}
static nxt_conf_value_t *
nxt_cert_alt_names_details(nxt_mp_t *mp, STACK_OF(GENERAL_NAME) *alt_names)
{
nxt_str_t str;
nxt_int_t ret;
nxt_uint_t i, n, count;
GENERAL_NAME *name;
nxt_conf_value_t *array;
count = sk_GENERAL_NAME_num(alt_names); count = sk_GENERAL_NAME_num(alt_names);
n = 0; n = 0;
@@ -734,9 +767,9 @@ nxt_cert_name_details(nxt_mp_t *mp, X509 *x509, nxt_bool_t issuer)
n++; n++;
} }
names = nxt_conf_create_array(mp, n); array = nxt_conf_create_array(mp, n);
if (nxt_slow_path(names == NULL)) { if (nxt_slow_path(array == NULL)) {
goto fail; return NULL;
} }
for (n = 0, i = 0; n != count; n++) { for (n = 0, i = 0; n != count; n++) {
@@ -753,27 +786,14 @@ nxt_cert_name_details(nxt_mp_t *mp, X509 *x509, nxt_bool_t issuer)
str.start = ASN1_STRING_data(name->d.dNSName); str.start = ASN1_STRING_data(name->d.dNSName);
#endif #endif
ret = nxt_conf_set_element_string_dup(names, mp, i++, &str); ret = nxt_conf_set_element_string_dup(array, mp, i++, &str);
if (nxt_slow_path(ret != NXT_OK)) { if (nxt_slow_path(ret != NXT_OK)) {
goto fail;
}
}
sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
nxt_conf_set_member(object, &alt_names_str, names, 1);
}
return object;
fail:
if (alt_names != NULL) {
sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
}
return NULL; return NULL;
} }
}
return array;
}
nxt_int_t nxt_int_t