REORG: ssl: move some free/new functions

Move crtlist_free_filters(), crtlist_dup_filters(), crtlist_free(), crtlist_new(), ssl_sock_free_ssl_conf() upper in the file.
2020-04-10 10:26:27 +02:00 · 2020-04-10 10:26:27 +02:00 · 82b21bbe86
commit 82b21bbe86
parent ec2d493621
1 changed files with 107 additions and 112 deletions
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@ -2898,6 +2898,37 @@ int ssl_sock_load_global_dh_param_from_file(const char *filename)
 }
 #endif

+/* release ssl bind conf */
+void ssl_sock_free_ssl_conf(struct ssl_bind_conf *conf)
+{
+	if (conf) {
+#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
+		free(conf->npn_str);
+		conf->npn_str = NULL;
+#endif
+#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
+		free(conf->alpn_str);
+		conf->alpn_str = NULL;
+#endif
+		free(conf->ca_file);
+		conf->ca_file = NULL;
+		free(conf->ca_verify_file);
+		conf->ca_verify_file = NULL;
+		free(conf->crl_file);
+		conf->crl_file = NULL;
+		free(conf->ciphers);
+		conf->ciphers = NULL;
+#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
+		free(conf->ciphersuites);
+		conf->ciphersuites = NULL;
+#endif
+		free(conf->curves);
+		conf->curves = NULL;
+		free(conf->ecdhe);
+		conf->ecdhe = NULL;
+	}
+}
+
 /* unlink a ckch_inst, free all SNIs, free the ckch_inst */
 /* The caller must use the lock of the bind_conf if used with inserted SNIs */
 static void ckch_inst_free(struct ckch_inst *inst)
@ -2934,6 +2965,82 @@ static struct ckch_inst *ckch_inst_new()
 	return ckch_inst;
 }

+/* free sni filters */
+static void crtlist_free_filters(char **args)
+{
+	int i;
+
+	if (!args)
+		return;
+
+	for (i = 0; args[i]; i++)
+		free(args[i]);
+
+	free(args);
+}
+
+/* Alloc and duplicate a char ** array */
+static char **crtlist_dup_filters(char **args, int fcount)
+{
+	char **dst;
+	int i;
+
+	if (fcount == 0)
+		return NULL;
+
+	dst = calloc(fcount + 1, sizeof(*dst));
+	if (!dst)
+		return NULL;
+
+	for (i = 0; i < fcount; i++) {
+		dst[i] = strdup(args[i]);
+		if (!dst[i])
+			goto error;
+	}
+	return dst;
+
+error:
+	crtlist_free_filters(dst);
+	return NULL;
+}
+
+/* Free a crtlist, from the crt_entry to the content of the ssl_conf */
+static void crtlist_free(struct crtlist *crtlist)
+{
+	struct crtlist_entry *entry, *s_entry;
+
+	if (crtlist == NULL)
+		return;
+
+	list_for_each_entry_safe(entry, s_entry, &crtlist->ord_entries, by_crtlist) {
+		crtlist_entry_free(entry);
+	}
+	ebmb_delete(&crtlist->node);
+	free(crtlist);
+}
+
+/* Alloc and initialize a struct crtlist
+ * <filename> is the key of the ebmb_node
+ * <unique> initialize the list of entries to be unique (1) or not (0)
+ */
+static struct crtlist *crtlist_new(const char *filename, int unique)
+{
+	struct crtlist *newlist;
+
+	newlist = calloc(1, sizeof(*newlist) + strlen(filename) + 1);
+	if (newlist == NULL)
+		return NULL;
+
+	memcpy(newlist->node.key, filename, strlen(filename) + 1);
+	if (unique)
+		newlist->entries = EB_ROOT_UNIQUE;
+	else
+		newlist->entries = EB_ROOT;
+
+	LIST_INIT(&newlist->ord_entries);
+
+	return newlist;
+}

 /* This function allocates a sni_ctx and adds it to the ckch_inst */
 static int ckch_inst_add_cert_sni(SSL_CTX *ctx, struct ckch_inst *ckch_inst,
@ -4408,118 +4515,6 @@ static int ssl_initialize_random()
 	return random_initialized;
 }

-/* release ssl bind conf */
-void ssl_sock_free_ssl_conf(struct ssl_bind_conf *conf)
-{
-	if (conf) {
-#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
-		free(conf->npn_str);
-		conf->npn_str = NULL;
-#endif
-#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
-		free(conf->alpn_str);
-		conf->alpn_str = NULL;
-#endif
-		free(conf->ca_file);
-		conf->ca_file = NULL;
-		free(conf->ca_verify_file);
-		conf->ca_verify_file = NULL;
-		free(conf->crl_file);
-		conf->crl_file = NULL;
-		free(conf->ciphers);
-		conf->ciphers = NULL;
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
-		free(conf->ciphersuites);
-		conf->ciphersuites = NULL;
-#endif
-		free(conf->curves);
-		conf->curves = NULL;
-		free(conf->ecdhe);
-		conf->ecdhe = NULL;
-	}
-}
-/* free sni filters */
-static void crtlist_free_filters(char **args)
-{
-	int i;
-
-	if (!args)
-		return;
-
-	for (i = 0; args[i]; i++)
-		free(args[i]);
-
-	free(args);
-}
-
-/* Alloc and duplicate a char ** array */
-static char **crtlist_dup_filters(char **args, int fcount)
-{
-	char **dst;
-	int i;
-
-	if (fcount == 0)
-		return NULL;
-
-	dst = calloc(fcount + 1, sizeof(*dst));
-	if (!dst)
-		return NULL;
-
-	for (i = 0; i < fcount; i++) {
-		dst[i] = strdup(args[i]);
-		if (!dst[i])
-			goto error;
-	}
-	return dst;
-
-error:
-	crtlist_free_filters(dst);
-	return NULL;
-}
-
-
-/* Free a crtlist, from the crt_entry to the content of the ssl_conf */
-static void crtlist_free(struct crtlist *crtlist)
-{
-	struct crtlist_entry *entry, *s_entry;
-
-	if (crtlist == NULL)
-		return;
-
-	list_for_each_entry_safe(entry, s_entry, &crtlist->ord_entries, by_crtlist) {
-		ebpt_delete(&entry->node);
-		LIST_DEL(&entry->by_crtlist);
-		crtlist_free_filters(entry->filters);
-		ssl_sock_free_ssl_conf(entry->ssl_conf);
-		free(entry->ssl_conf);
-		free(entry);
-	}
-	ebmb_delete(&crtlist->node);
-	free(crtlist);
-}
-
-/* Alloc and initialize a struct crtlist
- * <filename> is the key of the ebmb_node
- * <unique> initialize the list of entries to be unique (1) or not (0)
- */
-static struct crtlist *crtlist_new(const char *filename, int unique)
-{
-	struct crtlist *newlist;
-
-	newlist = calloc(1, sizeof(*newlist) + strlen(filename) + 1);
-	if (newlist == NULL)
-		return NULL;
-
-	memcpy(newlist->node.key, filename, strlen(filename) + 1);
-	if (unique)
-		newlist->entries = EB_ROOT_UNIQUE;
-	else
-		newlist->entries = EB_ROOT;
-
-	LIST_INIT(&newlist->ord_entries);
-
-	return newlist;
-}

 /* This function reads a directory and stores it in a struct crtlist, each file is a crtlist_entry structure
 * Fill the <crtlist> argument with a pointer to a new crtlist struct