Reduce memory footprint for NOTLS builds.
parent
2fc326c0ce
commit
07ed037a00
|
@ -22,17 +22,24 @@
|
|||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/queue.h>
|
||||
|
||||
#include <netinet/in.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#if !defined(KORE_NO_TLS)
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/dh.h>
|
||||
#include <openssl/ssl.h>
|
||||
#endif
|
||||
|
||||
#include <errno.h>
|
||||
#include <regex.h>
|
||||
#include <stdarg.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <syslog.h>
|
||||
#include <unistd.h>
|
||||
|
||||
|
@ -159,11 +166,13 @@ struct connection {
|
|||
u_int8_t state;
|
||||
u_int8_t proto;
|
||||
void *owner;
|
||||
#if !defined(KORE_NO_TLS)
|
||||
X509 *cert;
|
||||
SSL *ssl;
|
||||
int tls_reneg;
|
||||
#endif
|
||||
u_int8_t flags;
|
||||
void *hdlr_extra;
|
||||
X509 *cert;
|
||||
int tls_reneg;
|
||||
|
||||
int (*handle)(struct connection *);
|
||||
void (*disconnect)(struct connection *);
|
||||
|
@ -283,12 +292,14 @@ struct kore_worker {
|
|||
|
||||
struct kore_domain {
|
||||
char *domain;
|
||||
char *certfile;
|
||||
char *certkey;
|
||||
int accesslog;
|
||||
#if !defined(KORE_NO_TLS)
|
||||
char *cafile;
|
||||
char *crlfile;
|
||||
int accesslog;
|
||||
char *certfile;
|
||||
char *certkey;
|
||||
SSL_CTX *ssl_ctx;
|
||||
#endif
|
||||
TAILQ_HEAD(, kore_module_handle) handlers;
|
||||
TAILQ_ENTRY(kore_domain) list;
|
||||
};
|
||||
|
@ -385,7 +396,10 @@ extern char *kore_pidfile;
|
|||
extern char *config_file;
|
||||
extern char *kore_tls_cipher_list;
|
||||
extern int tls_version;
|
||||
|
||||
#if !defined(KORE_NO_TLS)
|
||||
extern DH *tls_dhparam;
|
||||
#endif
|
||||
|
||||
extern u_int8_t nlisteners;
|
||||
extern u_int16_t cpu_count;
|
||||
|
@ -448,9 +462,11 @@ void kore_timer_remove(struct kore_timer *);
|
|||
struct kore_timer *kore_timer_add(void (*cb)(void *, u_int64_t),
|
||||
u_int64_t, void *, int);
|
||||
|
||||
int kore_tls_sni_cb(SSL *, int *, void *);
|
||||
int kore_server_bind(const char *, const char *, const char *);
|
||||
#if !defined(KORE_NO_TLS)
|
||||
int kore_tls_sni_cb(SSL *, int *, void *);
|
||||
void kore_tls_info_callback(const SSL *, int, int);
|
||||
#endif
|
||||
|
||||
void kore_connection_init(void);
|
||||
void kore_connection_prune(int);
|
||||
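Review bot: `extern int tls_version;` is left outside the new `#if !defined(KORE_NO_TLS)` block in the hunk that starts at `extern char *config_file;`, while the hunk ahead of `domain_load_crl` in this same commit places the definition `int tls_version = KORE_TLS_VERSION_1_2;` inside that guard. A KORE_NO_TLS build therefore still declares a symbol that is no longer defined, and any reference left outside a guard would fail only at link time. Moving the declaration next to `extern DH *tls_dhparam;` inside the guard turns that into a compile error at the point of use. `extern char *kore_tls_cipher_list;` deserves the same check, though its definition is not visible on this page.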
|
|
|
@ -32,7 +32,9 @@ struct kore_log_packet {
|
|||
char host[KORE_DOMAINNAME_LEN];
|
||||
char path[HTTP_URI_LEN];
|
||||
char agent[HTTP_USERAGENT_LEN];
|
||||
#if !defined(KORE_NO_TLS)
|
||||
char cn[X509_CN_LENGTH];
|
||||
#endif
|
||||
};
|
||||
|
||||
void
|
||||
|
@ -90,10 +92,11 @@ kore_accesslog_write(const void *data, u_int32_t len)
|
|||
break;
|
||||
}
|
||||
|
||||
cn = "none";
|
||||
#if !defined(KORE_NO_TLS)
|
||||
if (logpacket.cn[0] != '\0')
|
||||
cn = logpacket.cn;
|
||||
else
|
||||
cn = "none";
|
||||
#endif
|
||||
|
||||
if (inet_ntop(logpacket.addrtype, &(logpacket.addr),
|
||||
addr, sizeof(addr)) == NULL)
|
||||
|
@ -157,8 +160,8 @@ kore_accesslog(struct http_request *req)
|
|||
sizeof(logpacket.agent));
|
||||
}
|
||||
|
||||
memset(logpacket.cn, '\0', sizeof(logpacket.cn));
|
||||
#if !defined(KORE_NO_TLS)
|
||||
memset(logpacket.cn, '\0', sizeof(logpacket.cn));
|
||||
if (req->owner->cert != NULL) {
|
||||
if (X509_GET_CN(req->owner->cert,
|
||||
logpacket.cn, sizeof(logpacket.cn)) == -1) {
|
||||
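Review bot: In the kore_accesslog_write hunk, `cn = logpacket.cn;` hands a fixed-size array to whatever formats the log line, and the only check visible is `logpacket.cn[0] != '\0'`, so termination of the field is assumed rather than enforced. If logpacket is filled by copying the `data` argument verbatim (that code is outside the hunk), the reader could force termination inside the guard with `logpacket.cn[sizeof(logpacket.cn) - 1] = '\0';` before the test. The same reasoning would apply to host, path and agent, which this commit does not touch. The function body starts and ends outside the hunk.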
|
|
|
@ -920,7 +920,9 @@ cli_compile_cfile(void *arg)
|
|||
#if defined(KORE_NO_HTTP)
|
||||
args[idx++] = "-DKORE_NO_HTTP";
|
||||
#endif
|
||||
|
||||
#if defined(KORE_NO_TLS)
|
||||
args[idx++] = "-DKORE_NO_TLS";
|
||||
#endif
|
||||
args[idx++] = "-Wall";
|
||||
args[idx++] = "-Wmissing-declarations";
|
||||
args[idx++] = "-Wshadow";
|
||||
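Review bot: The `-DKORE_NO_TLS` flag added in cli_compile_cfile is selected by how this tool itself was compiled, and nothing next to it says why a module build must carry it. After this commit the layout of struct connection and struct kore_domain depends on that define, so a module compiled with the other setting would read those structs at the wrong offsets. A comment above the new block would record the constraint, for example `/* Modules must see the same struct layout as the server: fields in kore.h depend on KORE_NO_TLS. */`. Whether `args` has room for the extra entry cannot be checked here, because its declaration is outside the hunk.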
|
|
|
@ -45,13 +45,15 @@ kore_connection_new(void *owner)
|
|||
|
||||
c = kore_pool_get(&connection_pool);
|
||||
|
||||
#if !defined(KORE_NO_TLS)
|
||||
c->ssl = NULL;
|
||||
c->cert = NULL;
|
||||
c->tls_reneg = 0;
|
||||
#endif
|
||||
c->flags = 0;
|
||||
c->rnb = NULL;
|
||||
c->snb = NULL;
|
||||
c->cert = NULL;
|
||||
c->owner = owner;
|
||||
c->tls_reneg = 0;
|
||||
c->handle = NULL;
|
||||
c->disconnect = NULL;
|
||||
c->hdlr_extra = NULL;
|
||||
|
|
|
@ -24,8 +24,11 @@
|
|||
|
||||
struct kore_domain_h domains;
|
||||
struct kore_domain *primary_dom = NULL;
|
||||
|
||||
#if !defined(KORE_NO_TLS)
|
||||
DH *tls_dhparam = NULL;
|
||||
int tls_version = KORE_TLS_VERSION_1_2;
|
||||
#endif
|
||||
|
||||
static void domain_load_crl(struct kore_domain *);
|
||||
|
||||
|
@ -51,11 +54,13 @@ kore_domain_new(char *domain)
|
|||
|
||||
dom = kore_malloc(sizeof(*dom));
|
||||
dom->accesslog = -1;
|
||||
#if !defined(KORE_NO_TLS)
|
||||
dom->cafile = NULL;
|
||||
dom->certkey = NULL;
|
||||
dom->ssl_ctx = NULL;
|
||||
dom->certfile = NULL;
|
||||
dom->crlfile = NULL;
|
||||
#endif
|
||||
dom->domain = kore_strdup(domain);
|
||||
TAILQ_INIT(&(dom->handlers));
|
||||
TAILQ_INSERT_TAIL(&domains, dom, list);
|
||||
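Review bot: `static void domain_load_crl(struct kore_domain *);` stays outside the new `#if !defined(KORE_NO_TLS)` block in the first hunk, although `crlfile` no longer exists in struct kore_domain for a NOTLS build. If the function's definition is guarded (it is not visible on this page), a NOTLS build is left with a static prototype that is never defined, which compilers warn about; if it is not guarded, it would presumably touch the removed field. Moving the prototype inside the guard, directly after `int tls_version = KORE_TLS_VERSION_1_2;`, keeps declaration and definition in step.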
|
|
|
@ -16,6 +16,8 @@
|
|||
|
||||
#include <sys/param.h>
|
||||
|
||||
#include <openssl/sha.h>
|
||||
|
||||
#include <limits.h>
|
||||
|
||||
#include "kore.h"
|
||||
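Review bot: The `#include <openssl/sha.h>` in this hunk is unconditional, so this file still needs the OpenSSL headers (and presumably libcrypto at link time) in a KORE_NO_TLS build, which is easy to miss given the commit title. A one-line comment would record that this is intended, for example `/* SHA is used regardless of KORE_NO_TLS; kore.h only includes OpenSSL headers for TLS builds. */`. If the code in this file that uses SHA is itself optional, the include could carry the same guard as that code, which is outside the hunk.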
|
|