Add config parsing

master
Jessie Murray 3 years ago
parent 83fe141f7e
commit 1e9f6048e8
No known key found for this signature in database
GPG Key ID: E7E4D57EDDA744C5

@ -16,6 +16,10 @@
static struct acl *
conf_parse_acls(json_t *jtab);
#if HAVE_SSL
void conf_parse_ssl(struct conf *conf, json_t *jssl, const char *filename);
#endif
#define ACL_ERROR_PREFIX "Config error with 'redis_auth': "
#define ACL_ERROR_SUFFIX ". Starting with auth disabled.\n"
@ -200,6 +204,10 @@ conf_read(const char *filename) {
conf->pool_size_per_thread = atoi_free(conf_string_or_envvar(json_string_value(jtmp)));
} else if(strcmp(json_object_iter_key(kv), "default_root") == 0 && json_typeof(jtmp) == JSON_STRING) {
conf->default_root = conf_string_or_envvar(json_string_value(jtmp));
#if HAVE_SSL
} else if(strcmp(json_object_iter_key(kv), "ssl") == 0 && json_typeof(jtmp) == JSON_OBJECT) {
conf_parse_ssl(conf, jtmp, filename);
#endif
} else {
fprintf(stderr, "Warning! Unexpected key or incorrect value in %s: '%s'\n", filename, json_object_iter_key(kv));
}
@ -210,6 +218,31 @@ conf_read(const char *filename) {
return conf;
}
#if HAVE_SSL
void
conf_parse_ssl(struct conf *conf, json_t *jssl, const char *filename) {
for(void *kv = json_object_iter(jssl); kv; kv = json_object_iter_next(jssl, kv)) {
json_t *jtmp = json_object_iter_value(kv);
if(strcmp(json_object_iter_key(kv), "enabled") == 0 && (json_typeof(jtmp) == JSON_TRUE || json_typeof(jtmp) == JSON_FALSE)) {
conf->ssl.enabled = (json_typeof(jtmp) == JSON_TRUE) ? 1 : 0;
} else if(strcmp(json_object_iter_key(kv), "ca_cert_bundle") == 0 && json_typeof(jtmp) == JSON_STRING) {
conf->ssl.ca_cert_bundle = conf_string_or_envvar(json_string_value(jtmp));
} else if(strcmp(json_object_iter_key(kv), "path_to_certs") == 0 && json_typeof(jtmp) == JSON_STRING) {
conf->ssl.path_to_certs = conf_string_or_envvar(json_string_value(jtmp));
} else if(strcmp(json_object_iter_key(kv), "client_cert") == 0 && json_typeof(jtmp) == JSON_STRING) {
conf->ssl.client_cert_pem = conf_string_or_envvar(json_string_value(jtmp));
} else if(strcmp(json_object_iter_key(kv), "client_key") == 0 && json_typeof(jtmp) == JSON_STRING) {
conf->ssl.client_key_pem = conf_string_or_envvar(json_string_value(jtmp));
} else if(strcmp(json_object_iter_key(kv), "redis_sni") == 0 && json_typeof(jtmp) == JSON_STRING) {
conf->ssl.redis_sni = conf_string_or_envvar(json_string_value(jtmp));
} else {
fprintf(stderr, "Warning! Unexpected key or incorrect value under 'ssl', in %s: '%s'\n",
filename, json_object_iter_key(kv));
}
}
}
#endif
void
acl_read_commands(json_t *jlist, struct acl_commands *ac) {
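Review bot: A malformed `ssl` block fails open. In `conf_parse_ssl` an `enabled` value of the wrong JSON type (for example a quoted string) only reaches the `Warning!` branch, and in `conf_read` an `ssl` key that is not an object does the same, so `conf->ssl.enabled` keeps its default. Judging by the `ssl.enabled` check in `pool_connect`, the Redis connection would then be made without TLS, with nothing but a line on stderr to show for it. For a transport-security setting I would treat a recognised key with the wrong type as a fatal configuration error and keep the warning for unknown keys only. Separately, this file guards the code with `#if HAVE_SSL` while the other hunks use `#ifdef HAVE_SSL`; the two differ when the macro is defined as 0 or defined empty, so one form should be used throughout.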

@ -55,6 +55,7 @@ struct conf {
#ifdef HAVE_SSL
/* SSL */
struct {
int enabled;
char *ca_cert_bundle; /* File name of trusted CA/ca bundle file, optional */
char *path_to_certs; /* Path of trusted certificates, optional */
char *client_cert_pem; /* File name of client certificate file, optional */
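Review bot: `enabled` is the only member of the `ssl` struct without a comment, and it is the one that decides whether the Redis link is encrypted at all. I would document it in the same style as its neighbours, e.g. `int enabled; /* Non-zero: negotiate TLS with Redis; 0: plaintext connection */`, and state the default there once it is confirmed where `struct conf` is initialised. That `enabled` is the added line is inferred from the hunk counts, and the struct continues outside the hunk.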

@ -46,19 +46,6 @@ pool_on_connect(const redisAsyncContext *ac, int status) {
}
/* connected to redis! */
#ifdef HAVE_SSL
/* Negotiate SSL/TLS */
if (redisInitiateSSLWithContext((redisContext*)&ac->c, p->w->s->ssl_context) != REDIS_OK) {
/* Handle error, in c->err / c->errstr */
slog(p->w->s, WEBDIS_ERROR, "SSL negotiation failed", 0);
if (ac->c.err) { /* non-zero on error */
slog(p->w->s, WEBDIS_ERROR, ac->c.errstr, 0);
}
pool_schedule_reconnect(p);
return;
}
#endif
/* add to pool */
for(i = 0; i < p->count; ++i) {
if(p->ac[i] == NULL) {
@ -206,6 +193,21 @@ pool_connect(struct pool *p, int db_num, int attach) {
return NULL;
}
#ifdef HAVE_SSL
/* Negotiate SSL/TLS */
if(p->w->s->cfg->ssl.enabled) {
if (redisInitiateSSLWithContext((redisContext*)&ac->c, p->w->s->ssl_context) != REDIS_OK) {
/* Handle error, in c->err / c->errstr */
slog(p->w->s, WEBDIS_ERROR, "SSL negotiation failed", 0);
if(ac->c.err) { /* non-zero on error */
slog(p->w->s, WEBDIS_ERROR, ac->c.errstr, 0);
}
pool_schedule_reconnect(p);
return NULL;
}
}
#endif
redisLibeventAttach(ac, p->w->base);
redisAsyncSetConnectCallback(ac, pool_on_connect);
redisAsyncSetDisconnectCallback(ac, pool_on_disconnect);
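Review bot: The TLS failure path in `pool_connect` returns NULL without releasing `ac`. Unless it is freed somewhere outside this hunk, every failed negotiation followed by `pool_schedule_reconnect(p)` leaves an async context and its socket behind. Adding `redisAsyncFree(ac);` before `pool_schedule_reconnect(p);` would close it, and the context is not yet attached to libevent at that point, since `redisLibeventAttach` comes after. The cast in `(redisContext*)&ac->c` looks like a carry-over from `pool_on_connect`, where `ac` is const, and can probably be plain `&ac->c` here. The start of `pool_connect` is outside the hunk.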

@ -125,7 +125,9 @@ server_new(const char *cfg_file) {
s->cfg = conf_read(cfg_file);
#ifdef HAVE_SSL
server_init_ssl(s);
if(s->cfg->ssl.enabled) {
server_init_ssl(s);
}
#endif
/* workers */
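Review bot: The new `if(s->cfg->ssl.enabled)` block calls `server_init_ssl(s)` and discards any result, so this hunk does not show whether a failed context setup (an unreadable CA bundle or client key, say) stops startup. If `server_init_ssl` can return without a usable `s->ssl_context`, `server_new` should check for that and abort, e.g. `if(!s->ssl_context) { /* log and exit */ }` right after the call, instead of leaving the failure to be discovered on every connection attempt in `pool_connect`. The hunk also dereferences `s->cfg` directly after `conf_read`, so it is worth confirming that `conf_read` cannot return NULL. `server_new` continues outside the hunk.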
