重构key keeper创建keyring的代码。修复除 #97 外的valgrind definitely lost。
@@ -73,17 +73,13 @@ static void key_keeper_promise_free_ctx(void* ctx)
|
|||||||
free(_ctx);
|
free(_ctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
static struct keyring_private* keyring_new(void)
|
static struct keyring_private* keyring_new(X509 *cert, EVP_PKEY *key, STACK_OF(X509) *chain)
|
||||||
{
|
{
|
||||||
struct keyring_private *kyr;
|
struct keyring_private *kyr=ALLOC(struct keyring_private, 1);
|
||||||
if (!(kyr = (struct keyring_private *)ALLOC(struct keyring_private, 1)))
|
pthread_mutex_init(&(kyr->mutex), NULL);
|
||||||
{
|
kyr->head.cert = cert;
|
||||||
return NULL;
|
kyr->head.key = key;
|
||||||
}
|
kyr->head.chain = chain;
|
||||||
if (pthread_mutex_init(&kyr->mutex, NULL)) {
|
|
||||||
free(kyr);
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
kyr->references = 1;
|
kyr->references = 1;
|
||||||
return kyr;
|
return kyr;
|
||||||
}
|
}
|
||||||
@@ -120,64 +116,9 @@ static struct keyring* keyring_new3(EVP_PKEY *key, X509 *cert, STACK_OF(X509) *c
|
|||||||
// Increment reference count.
|
// Increment reference count.
|
||||||
static void keyring_ref_inc(struct keyring_private* kyr)
|
static void keyring_ref_inc(struct keyring_private* kyr)
|
||||||
{
|
{
|
||||||
pthread_mutex_lock(&kyr->mutex);
|
pthread_mutex_lock(&(kyr->mutex));
|
||||||
kyr->references++;
|
kyr->references++;
|
||||||
pthread_mutex_unlock(&kyr->mutex);
|
pthread_mutex_unlock(&(kyr->mutex));
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Thread-safe setter functions; they copy the value (refcounts are inc'd).
|
|
||||||
*/
|
|
||||||
static void keyring_set_key(struct keyring_private* kyr, EVP_PKEY *key)
|
|
||||||
{
|
|
||||||
pthread_mutex_lock(&kyr->mutex);
|
|
||||||
if ((kyr->head).key)
|
|
||||||
{
|
|
||||||
EVP_PKEY_free((kyr->head).key);
|
|
||||||
}
|
|
||||||
(kyr->head).key = key;
|
|
||||||
if (key)
|
|
||||||
{
|
|
||||||
ssl_key_refcount_inc((kyr->head).key);
|
|
||||||
}
|
|
||||||
pthread_mutex_unlock(&kyr->mutex);
|
|
||||||
}
|
|
||||||
|
|
||||||
static void keyring_set_cert(struct keyring_private* kry, X509 *cert)
|
|
||||||
{
|
|
||||||
pthread_mutex_lock(&kry->mutex);
|
|
||||||
if ((kry->head).cert)
|
|
||||||
{
|
|
||||||
X509_free((kry->head).cert);
|
|
||||||
}
|
|
||||||
(kry->head).cert = cert;
|
|
||||||
if (cert)
|
|
||||||
{
|
|
||||||
ssl_x509_refcount_inc((kry->head).cert);
|
|
||||||
}
|
|
||||||
pthread_mutex_unlock(&kry->mutex);
|
|
||||||
}
|
|
||||||
|
|
||||||
static void keyring_set_chain(struct keyring_private* kyr, STACK_OF(X509) *chain)
|
|
||||||
{
|
|
||||||
pthread_mutex_lock(&kyr->mutex);
|
|
||||||
if ((kyr->head).chain)
|
|
||||||
{
|
|
||||||
sk_X509_pop_free((kyr->head).chain, X509_free);
|
|
||||||
}
|
|
||||||
if (chain)
|
|
||||||
{
|
|
||||||
(kyr->head).chain = sk_X509_dup(chain);
|
|
||||||
int i = 0;
|
|
||||||
for (i = 0; i < sk_X509_num((kyr->head).chain); i++)
|
|
||||||
{
|
|
||||||
ssl_x509_refcount_inc(sk_X509_value((kyr->head).chain, i));
|
|
||||||
}
|
|
||||||
} else
|
|
||||||
{
|
|
||||||
(kyr->head).chain = NULL;
|
|
||||||
}
|
|
||||||
pthread_mutex_unlock(&kyr->mutex);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -195,20 +136,20 @@ void key_keeper_free_keyring(struct keyring *kyr)
|
|||||||
}
|
}
|
||||||
pthread_mutex_unlock(&_kyr->mutex);
|
pthread_mutex_unlock(&_kyr->mutex);
|
||||||
pthread_mutex_destroy(&_kyr->mutex);
|
pthread_mutex_destroy(&_kyr->mutex);
|
||||||
if ((_kyr->head).key)
|
if (_kyr->head.key)
|
||||||
{
|
{
|
||||||
EVP_PKEY_free((_kyr->head).key);
|
EVP_PKEY_free((_kyr->head).key);
|
||||||
(_kyr->head).key=NULL;
|
_kyr->head.key=NULL;
|
||||||
}
|
}
|
||||||
if ((_kyr->head).cert)
|
if (_kyr->head.cert)
|
||||||
{
|
{
|
||||||
X509_free((_kyr->head).cert);
|
X509_free(_kyr->head.cert);
|
||||||
(_kyr->head).cert=NULL;
|
_kyr->head.cert=NULL;
|
||||||
}
|
}
|
||||||
if ((_kyr->head).chain)
|
if (_kyr->head.chain)
|
||||||
{
|
{
|
||||||
sk_X509_pop_free((_kyr->head).chain, X509_free);
|
sk_X509_pop_free((_kyr->head).chain, X509_free);
|
||||||
(_kyr->head).chain=NULL;
|
_kyr->head.chain=NULL;
|
||||||
}
|
}
|
||||||
free(_kyr);
|
free(_kyr);
|
||||||
}
|
}
|
||||||
@@ -336,15 +277,10 @@ static struct keyring_private* get_keyring_from_response(const char* data)
|
|||||||
goto error_out;
|
goto error_out;
|
||||||
}
|
}
|
||||||
sk_X509_push(chain, chain_cert);
|
sk_X509_push(chain, chain_cert);
|
||||||
ssl_x509_refcount_inc(chain_cert);
|
// ssl_x509_refcount_inc(chain_cert);
|
||||||
}
|
}
|
||||||
_kyr= keyring_new();
|
_kyr= keyring_new(cert, key, chain);
|
||||||
keyring_set_cert(_kyr, cert);
|
|
||||||
keyring_set_key(_kyr, key);
|
|
||||||
keyring_set_chain(_kyr, chain);
|
|
||||||
X509_free(cert);
|
|
||||||
EVP_PKEY_free(key);
|
|
||||||
sk_X509_pop_free(chain, X509_free);
|
|
||||||
cJSON_Delete(data_json);
|
cJSON_Delete(data_json);
|
||||||
return _kyr;
|
return _kyr;
|
||||||
|
|
||||||
@@ -383,14 +319,8 @@ static struct keyring_private* generate_x509_keyring(X509* origin_cert, X509* ca
|
|||||||
sk_X509_push(chain, forge_cert);
|
sk_X509_push(chain, forge_cert);
|
||||||
ssl_x509_refcount_inc(ca);
|
ssl_x509_refcount_inc(ca);
|
||||||
ssl_x509_refcount_inc(forge_cert);
|
ssl_x509_refcount_inc(forge_cert);
|
||||||
struct keyring_private* _kyr= keyring_new();
|
struct keyring_private* _kyr= keyring_new(forge_cert, forge_key, chain);
|
||||||
keyring_set_key(_kyr, forge_key);
|
|
||||||
keyring_set_cert(_kyr, forge_cert);
|
|
||||||
keyring_set_chain(_kyr, chain);
|
|
||||||
|
|
||||||
X509_free(forge_cert);
|
|
||||||
EVP_PKEY_free(forge_key);
|
|
||||||
sk_X509_pop_free(chain, X509_free);
|
|
||||||
return _kyr;
|
return _kyr;
|
||||||
}
|
}
|
||||||
|
|
||||||
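Review bot: The rewritten `keyring_new(cert, key, chain)` in the first hunk dereferences `kyr` in `pthread_mutex_init(&(kyr->mutex), NULL)` without the NULL test and the mutex-init failure test that the previous version carried. `ALLOC` is not defined on this page; unless it aborts on failure, an allocation failure becomes a NULL dereference, and restoring `if (!kyr) return NULL;` and `if (pthread_mutex_init(&(kyr->mutex), NULL)) { free(kyr); return NULL; }` would cover it, leaving the callers in `get_keyring_from_response` and `generate_x509_keyring` to release `cert`, `key` and `chain` on a NULL return. The function now stores the three pointers without taking a reference, so ownership moves to the keyring, and that contract deserves a header comment such as `/* Takes ownership of cert, key and chain; the caller must not free them afterwards. */`. In `get_keyring_from_response` the line `// ssl_x509_refcount_inc(chain_cert);` should be deleted rather than left commented out, with a short comment saying the chain holds the only reference to each `chain_cert`, if that is the intent.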
|
|||||||
@@ -1958,6 +1958,7 @@ static char* parse_cipher_suites(struct cipher_suite* _cipher_suite_list, int n,
|
|||||||
if(pos != buff_len && flag == 0)
|
if(pos != buff_len && flag == 0)
|
||||||
{
|
{
|
||||||
*result = CHELLO_PARSE_INVALID_FORMAT;
|
*result = CHELLO_PARSE_INVALID_FORMAT;
|
||||||
|
free(cipher_suites_str);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
*result = CHELLO_PARSE_SUCCESS;
|
*result = CHELLO_PARSE_SUCCESS;
|
||||||
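Review bot: The added `free(cipher_suites_str);` covers only the `pos != buff_len && flag == 0` exit of `parse_cipher_suites`; the rest of the function is outside the hunk, so any other early `return NULL` after the string is allocated needs the same release. Judging by `CHELLO_PARSE_INVALID_FORMAT`, this branch is taken on malformed ClientHello input, which would make a leak here triggerable by a peer, so it is worth a comment such as `/* invalid input: release the partially built list before returning */`. If more failure exits exist, a single cleanup label would keep the free in one place.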
|
|||||||
@@ -50,11 +50,11 @@ static void keyring_set_key(struct keyring_private* kyr, EVP_PKEY *key)
|
|||||||
static void keyring_set_cert(struct keyring_private* kry, X509 *cert)
|
static void keyring_set_cert(struct keyring_private* kry, X509 *cert)
|
||||||
{
|
{
|
||||||
pthread_mutex_lock(&kry->mutex);
|
pthread_mutex_lock(&kry->mutex);
|
||||||
if ((kry->head).cert)
|
if (kry->head.cert)
|
||||||
{
|
{
|
||||||
X509_free((kry->head).cert);
|
X509_free((kry->head).cert);
|
||||||
}
|
}
|
||||||
(kry->head).cert = cert;
|
kry->head.cert = cert;
|
||||||
if (cert)
|
if (cert)
|
||||||
{
|
{
|
||||||
ssl_x509_refcount_inc((kry->head).cert);
|
ssl_x509_refcount_inc((kry->head).cert);
|
||||||
@@ -64,24 +64,24 @@ static void keyring_set_cert(struct keyring_private* kry, X509 *cert)
|
|||||||
|
|
||||||
static void keyring_set_chain(struct keyring_private* kyr, STACK_OF(X509) *chain)
|
static void keyring_set_chain(struct keyring_private* kyr, STACK_OF(X509) *chain)
|
||||||
{
|
{
|
||||||
pthread_mutex_lock(&kyr->mutex);
|
pthread_mutex_lock(&(kyr->mutex));
|
||||||
if ((kyr->head).chain)
|
if (kyr->head.chain)
|
||||||
{
|
{
|
||||||
sk_X509_pop_free((kyr->head).chain, X509_free);
|
sk_X509_pop_free(kyr->head.chain, X509_free);
|
||||||
}
|
}
|
||||||
if (chain)
|
if (chain)
|
||||||
{
|
{
|
||||||
(kyr->head).chain = sk_X509_dup(chain);
|
kyr->head.chain = sk_X509_dup(chain);
|
||||||
int i = 0;
|
int i = 0;
|
||||||
for (i = 0; i < sk_X509_num((kyr->head).chain); i++)
|
for (i = 0; i < sk_X509_num(kyr->head.chain); i++)
|
||||||
{
|
{
|
||||||
ssl_x509_refcount_inc(sk_X509_value((kyr->head).chain, i));
|
ssl_x509_refcount_inc(sk_X509_value(kyr->head.chain, i));
|
||||||
}
|
}
|
||||||
} else
|
} else
|
||||||
{
|
{
|
||||||
(kyr->head).chain = NULL;
|
kyr->head.chain = NULL;
|
||||||
}
|
}
|
||||||
pthread_mutex_unlock(&kyr->mutex);
|
pthread_mutex_unlock(&(kyr->mutex));
|
||||||
}
|
}
|
||||||
|
|
||||||
static X509* transform_cert_to_x509(const char* str)
|
static X509* transform_cert_to_x509(const char* str)
|
||||||
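Review bot: The cleanup from `(kry->head).cert` to `kry->head.cert` is applied unevenly across these two hunks: `X509_free((kry->head).cert)` and `ssl_x509_refcount_inc((kry->head).cert)` in `keyring_set_cert` keep the old form, and `keyring_set_cert` still locks with `&kry->mutex` while `keyring_set_chain` now uses `&(kyr->mutex)`. Picking one spelling for both functions, e.g. `X509_free(kry->head.cert);` and `pthread_mutex_lock(&kry->mutex);`, would make the change self-consistent. The parameter is also named `kry` in `keyring_set_cert` and `kyr` in the other functions on this page.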
|
|||||||
@@ -886,7 +886,6 @@ static void cache_query_obj_on_succ(future_result_t * result, void * user)
|
|||||||
//last call.
|
//last call.
|
||||||
ATOMIC_DEC(&(ctx->ref_handle->stat_val[STAT_CACHE_READING]));
|
ATOMIC_DEC(&(ctx->ref_handle->stat_val[STAT_CACHE_READING]));
|
||||||
promise_dettach_ctx(p);
|
promise_dettach_ctx(p);
|
||||||
promise_finish(p);
|
|
||||||
last_call=1;
|
last_call=1;
|
||||||
break;
|
break;
|
||||||
case RESULT_TYPE_BODY:
|
case RESULT_TYPE_BODY:
|
||||||
@@ -896,8 +895,11 @@ static void cache_query_obj_on_succ(future_result_t * result, void * user)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
promise_success(p, ctx);
|
promise_success(p, ctx);
|
||||||
if(last_call) cache_query_ctx_free_cb(ctx);
|
if(last_call)
|
||||||
|
{
|
||||||
|
cache_query_ctx_free_cb(ctx);
|
||||||
|
promise_finish(p);
|
||||||
|
}
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
static void cache_query_obj_on_fail(enum e_future_error err, const char * what, void * user)
|
static void cache_query_obj_on_fail(enum e_future_error err, const char * what, void * user)
|
||||||
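Review bot: The new ordering in `cache_query_obj_on_succ` (`promise_success(p, ctx)` first, then `cache_query_ctx_free_cb(ctx)` and `promise_finish(p)` inside the `if(last_call)` block) is load-bearing but carries no comment explaining it. Assuming `promise_finish()` releases the promise (its definition is not on this page), the old placement inside the switch case meant `promise_success()` ran on an already finished promise. A line such as `/* finish last: p and ctx are still used by promise_success() above */` would keep a later edit from moving the call back. `cache_query_obj_on_fail`, which starts just below the hunk, should be checked for the same finish-before-use order.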
|
|||||||
@@ -801,7 +801,7 @@ struct http_half_private * hf_private_create(tfe_http_direction ht_dir, short ma
|
|||||||
hf_private->hf_public.ops = &__http_half_ops;
|
hf_private->hf_public.ops = &__http_half_ops;
|
||||||
|
|
||||||
/* PRIVATE */
|
/* PRIVATE */
|
||||||
hf_private->parse_object = (struct http_parser *) malloc(sizeof(struct http_parser));
|
hf_private->parse_object = ALLOC(struct http_parser, 1);
|
||||||
assert(hf_private->parse_object != NULL);
|
assert(hf_private->parse_object != NULL);
|
||||||
|
|
||||||
if (ht_dir == TFE_HTTP_REQUEST)
|
if (ht_dir == TFE_HTTP_REQUEST)
|
||||||
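Review bot: After the switch to `ALLOC(struct http_parser, 1)` the only failure check on `hf_private->parse_object` is still the `assert` on the next line, which compiles to nothing under `NDEBUG`. If `ALLOC` (not defined on this page) can return NULL, a release build would carry a NULL parser into the setup that follows; an explicit `if (hf_private->parse_object == NULL)` branch that releases `hf_private` and returns NULL would handle it. If `ALLOC` aborts on failure instead, the assert is redundant and can be dropped. `hf_private_create` begins and ends outside this hunk.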
|
|||||||