Code Review
/
vpp.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
session: Add certificate store
[vpp.git]
/
src
/
plugins
/
tlsopenssl
/
tls_openssl.c
diff --git
a/src/plugins/tlsopenssl/tls_openssl.c
b/src/plugins/tlsopenssl/tls_openssl.c
index
589d76d
..
c383cf3
100644
(file)
--- a/
src/plugins/tlsopenssl/tls_openssl.c
+++ b/
src/plugins/tlsopenssl/tls_openssl.c
@@
-592,7
+592,6
@@
openssl_ctx_init_client (tls_ctx_t * ctx)
static int
openssl_start_listen (tls_ctx_t * lctx)
{
static int
openssl_start_listen (tls_ctx_t * lctx)
{
- application_t *app;
const SSL_METHOD *method;
SSL_CTX *ssl_ctx;
int rv;
const SSL_METHOD *method;
SSL_CTX *ssl_ctx;
int rv;
@@
-601,17
+600,16
@@
openssl_start_listen (tls_ctx_t * lctx)
EVP_PKEY *pkey;
u32 olc_index;
openssl_listen_ctx_t *olc;
EVP_PKEY *pkey;
u32 olc_index;
openssl_listen_ctx_t *olc;
- app_
worker_t *app_wrk
;
+ app_
cert_key_pair_t *ckpair
;
long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION;
openssl_main_t *om = &openssl_main;
long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION;
openssl_main_t *om = &openssl_main;
-
app_wrk = app_worker_get (lctx->parent_app_wrk
_index);
- if (!
app_wrk
)
+
ckpair = app_cert_key_pair_get_if_valid (lctx->ckpair
_index);
+ if (!
ckpair
)
return -1;
return -1;
- app = application_get (app_wrk->app_index);
- if (!app->tls_cert || !app->tls_key)
+ if (!ckpair->cert || !ckpair->key)
{
TLS_DBG (1, "tls cert and/or key not configured %d",
lctx->parent_app_wrk_index);
{
TLS_DBG (1, "tls cert and/or key not configured %d",
lctx->parent_app_wrk_index);
@@
-646,7
+644,7
@@
openssl_start_listen (tls_ctx_t * lctx)
* Set the key and cert
*/
cert_bio = BIO_new (BIO_s_mem ());
* Set the key and cert
*/
cert_bio = BIO_new (BIO_s_mem ());
- BIO_write (cert_bio,
app->tls_cert, vec_len (app->tls_
cert));
+ BIO_write (cert_bio,
ckpair->cert, vec_len (ckpair->
cert));
srvcert = PEM_read_bio_X509 (cert_bio, NULL, NULL, NULL);
if (!srvcert)
{
srvcert = PEM_read_bio_X509 (cert_bio, NULL, NULL, NULL);
if (!srvcert)
{
@@
-657,7
+655,7
@@
openssl_start_listen (tls_ctx_t * lctx)
BIO_free (cert_bio);
cert_bio = BIO_new (BIO_s_mem ());
BIO_free (cert_bio);
cert_bio = BIO_new (BIO_s_mem ());
- BIO_write (cert_bio,
app->tls_key, vec_len (app->tls_
key));
+ BIO_write (cert_bio,
ckpair->key, vec_len (ckpair->
key));
pkey = PEM_read_bio_PrivateKey (cert_bio, NULL, NULL, NULL);
if (!pkey)
{
pkey = PEM_read_bio_PrivateKey (cert_bio, NULL, NULL, NULL);
if (!pkey)
{