Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TS-4263: keyblock variable configurable via records.config #1008

Merged
merged 1 commit into from Sep 12, 2016
Merged

TS-4263: keyblock variable configurable via records.config #1008

merged 1 commit into from Sep 12, 2016

Conversation

persiaAziz-zz
Copy link
Contributor

@persiaAziz-zz persiaAziz-zz commented Sep 12, 2016
edited

Default value proxy.config.ssl.server.ticket_key.filename is set to NULL

  • If the ticket_key_filename is not set by the user , then a random keyblock will be used
  • If user sets the ticket_key_filename but the the file is either not present or the file contains <48 bytes, then keyblock will be NULL and assertion will fail

jpeach
jpeach reviewed Sep 12, 2016
View reviewed changes
iocore/net/SSLUtils.cc
global_default_keyblock = ssl_create_ticket_keyblock(ticket_key_path); // this function just returns a keyblock
}
else
global_default_keyblock = ssl_create_ticket_keyblock(NULL); // this function just returns a keyblock
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please clang-format. All blocks must be enclosed in { }.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I just did. Sorry I keep forgetting

jpeach
jpeach reviewed Sep 12, 2016
View reviewed changes
iocore/net/SSLUtils.cc
if (ticket_key_filename != NULL) {
ats_scoped_str ticket_key_path(Layout::relative_to(params->serverCertPathOnly, ticket_key_filename));
global_default_keyblock = ssl_create_ticket_keyblock(ticket_key_path); // this function just returns a keyblock
} else
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

} else {
   ....
}

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hmm strange.. clang-format is not doing that for me. I will do that manually

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does that look ok?

@shinrich
Copy link
Member

Looks good to me.

@shinrich
Copy link
Member

[approve ci]

jpeach
jpeach reviewed Sep 12, 2016
View reviewed changes
iocore/net/SSLUtils.cc
global_default_keyblock = ssl_create_ticket_keyblock(ticket_key_path); // this function just returns a keyblock
} else {
global_default_keyblock = ssl_create_ticket_keyblock(NULL); // this function just returns a keyblock
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A newline before and after this if/else would improve the readability.

@atsci
Copy link

atsci commented Sep 12, 2016

FreeBSD build successful! See https://ci.trafficserver.apache.org/job/Github-FreeBSD/781/ for details.

@atsci
Copy link

atsci commented Sep 12, 2016

Linux build successful! See https://ci.trafficserver.apache.org/job/Github-Linux/677/ for details.

@shinrich shinrich merged commit fdfb8c1 into apache:master Sep 12, 2016
@zwoop zwoop added this to the Old milestone Jan 8, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Old
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@persiaAziz-zz @shinrich @atsci @jpeach @zwoop