op public repos

Commit Diff

Commit:: 1c6967b33a31b4c24881a72dc0ab95286ece8f62
From:: Omar Polo <op@omarpolo.com>
Date:: Thu Jun 8 19:34:49 2023 UTC
Message:: keep cert/key/ocsp path as strings and don't send them via imsg
Actions:: Patch | Tree
commit - 49bd46a150c80802c28606b878f38ec838dc6df0
commit + 1c6967b33a31b4c24881a72dc0ab95286ece8f62
blob - 8b7c93476683a9f328a63248e2831d95c8711a62
blob + 93cdf99ef4b1d3a7abddb032d043c8c28f06e099
--- config.c
+++ config.c
@@ -73,6 +73,9 @@ config_free(void)
 	init_mime(&conf.mime);
 
 	TAILQ_FOREACH_SAFE(h, &hosts, vhosts, th) {
+		free(h->cert_path);
+		free(h->key_path);
+		free(h->ocsp_path);
 		free(h->cert);
 		free(h->key);
 		free(h->ocsp);
@@ -255,10 +258,17 @@ config_send(struct conf *conf, struct fcgi *fcgi, stru
 	}
 
 	TAILQ_FOREACH(h, hosts, vhosts) {
+		struct vhost vcopy;
+
+		memcpy(&vcopy, h, sizeof(vcopy));
+		vcopy.cert_path = NULL;
+		vcopy.key_path = NULL;
+		vcopy.ocsp_path = NULL;
+
 		log_debug("sending host %s", h->domain);
 
 		if (proc_compose(ps, PROC_SERVER, IMSG_RECONF_HOST,
-		    h, sizeof(*h)) == -1)
+		    &vcopy, sizeof(vcopy)) == -1)
 			return -1;
 
 		log_debug("sending certificate %s", h->cert_path);
@@ -273,7 +283,7 @@ config_send(struct conf *conf, struct fcgi *fcgi, stru
 		if (config_send_file(ps, fd, IMSG_RECONF_KEY) == -1)
 			return -1;
 
-		if (*h->ocsp_path != '\0') {
+		if (h->ocsp_path != NULL) {
 			log_debug("sending ocsp %s", h->ocsp_path);
 			if ((fd = open(h->ocsp_path, O_RDONLY)) == -1)
 				fatal("can't open %s", h->ocsp_path);
blob - de728d305468a457bbad1213dadb4272427c1157
blob + ed72c5f9a14421ba6c53e1442505793cae63694a
--- gmid.h
+++ gmid.h
@@ -167,9 +167,9 @@ struct alist {
 extern TAILQ_HEAD(vhosthead, vhost) hosts;
 struct vhost {
 	char		 domain[HOST_NAME_MAX + 1];
-	char		 cert_path[PATH_MAX];
-	char		 key_path[PATH_MAX];
-	char		 ocsp_path[PATH_MAX];
+	char		*cert_path;
+	char		*key_path;
+	char		*ocsp_path;
 
 	uint8_t		*cert;
 	size_t		 certlen;
blob - 2fb53f27266748a436325782462eafe7264751c6
blob + 7e4745ff0a39f7c387c37fbe8caabb27ffc8e025
--- parse.y
+++ parse.y
@@ -254,8 +254,8 @@ vhost		: SERVER string {
 
 			free($2);
 		} '{' optnl servbody '}' {
-			if (*host->cert_path == '\0' ||
-			    *host->key_path == '\0')
+			if (host->cert_path == NULL ||
+			    host->key_path == NULL)
 				yyerror("invalid vhost definition: %s", $2);
 		}
 		| error '}'		{ yyerror("bad server directive"); }
@@ -277,21 +277,18 @@ servopt		: ALIAS string {
 		}
 		| CERT string		{
 			ensure_absolute_path($2);
-			(void) strlcpy(host->cert_path, $2,
-			    sizeof(host->cert_path));
-			free($2);
+			free(host->cert_path);
+			host->cert_path = $2;
 		}
 		| KEY string		{
 			ensure_absolute_path($2);
-			(void) strlcpy(host->key_path, $2,
-			    sizeof(host->key_path));
-			free($2);
+			free(host->key_path);
+			host->key_path = $2;
 		}
 		| OCSP string		{
 			ensure_absolute_path($2);
-			(void) strlcpy(host->ocsp_path, $2,
-			    sizeof(host->ocsp_path));
-			free($2);
+			free(host->ocsp_path);
+			host->ocsp_path = $2;
 		}
 		| PARAM string '=' string {
 			add_param($2, $4);