trafficserver-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bc...@apache.org
Subject [trafficserver] branch master updated: sslheaders experimental plugin: fix doc typo, improve container use.
Date Thu, 13 Dec 2018 01:11:32 GMT
This is an automated email from the ASF dual-hosted git repository.

bcall pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
     new 9da865b  sslheaders experimental plugin:  fix doc typo, improve container use.
9da865b is described below

commit 9da865baad311542ecd4142a7a111b6e7e46c595
Author: Walter Karas <wkaras@oath.com>
AuthorDate: Mon Dec 10 12:12:24 2018 -0600

    sslheaders experimental plugin:  fix doc typo, improve container use.
---
 doc/admin-guide/plugins/sslheaders.en.rst     |  2 +-
 plugins/experimental/sslheaders/sslheaders.cc | 18 ++++++++----------
 plugins/experimental/sslheaders/sslheaders.h  |  8 +++++---
 3 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/doc/admin-guide/plugins/sslheaders.en.rst b/doc/admin-guide/plugins/sslheaders.en.rst
index 8fc0881..49a8777 100644
--- a/doc/admin-guide/plugins/sslheaders.en.rst
+++ b/doc/admin-guide/plugins/sslheaders.en.rst
@@ -66,7 +66,7 @@ The `client.certificate` and `server.certificate` fields emit
 the corresponding certificate in PEM format, with newline characters
 replaced by spaces.
 
-If the ``sslheaders`` plugin activtes on non-SSL connections, it
+If the ``sslheaders`` plugin activates on non-SSL connections, it
 will delete all the configured HTTP header names so that malicious
 clients cannot inject misleading information. If any of the SSL
 fields expand to an empty string, those headers are also deleted.
diff --git a/plugins/experimental/sslheaders/sslheaders.cc b/plugins/experimental/sslheaders/sslheaders.cc
index 085c7ac..6c6838d 100644
--- a/plugins/experimental/sslheaders/sslheaders.cc
+++ b/plugins/experimental/sslheaders/sslheaders.cc
@@ -124,14 +124,14 @@ SslHdrExpand(SSL *ssl, const SslHdrInstance::expansion_list &expansions,
TSMBuff
 {
   if (ssl == nullptr) {
     for (const auto &expansion : expansions) {
-      SslHdrRemoveHeader(mbuf, mhdr, expansion->name);
+      SslHdrRemoveHeader(mbuf, mhdr, expansion.name);
     }
   } else {
     X509 *x509;
     BIO *exp = BIO_new(BIO_s_mem());
 
     for (const auto &expansion : expansions) {
-      switch (expansion->scope) {
+      switch (expansion.scope) {
       case SSL_HEADERS_SCOPE_CLIENT:
         x509 = SSL_get_peer_certificate(ssl);
         break;
@@ -146,15 +146,15 @@ SslHdrExpand(SSL *ssl, const SslHdrInstance::expansion_list &expansions,
TSMBuff
         continue;
       }
 
-      SslHdrExpandX509Field(exp, x509, expansion->field);
+      SslHdrExpandX509Field(exp, x509, expansion.field);
       if (BIO_pending(exp)) {
-        SslHdrSetHeader(mbuf, mhdr, expansion->name, exp);
+        SslHdrSetHeader(mbuf, mhdr, expansion.name, exp);
       } else {
-        SslHdrRemoveHeader(mbuf, mhdr, expansion->name);
+        SslHdrRemoveHeader(mbuf, mhdr, expansion.name);
       }
 
       // Getting the peer certificate takes a reference count, but the server certificate
doesn't.
-      if (x509 && expansion->scope == SSL_HEADERS_SCOPE_CLIENT) {
+      if (x509 && expansion.scope == SSL_HEADERS_SCOPE_CLIENT) {
         X509_free(x509);
       }
     }
@@ -199,14 +199,12 @@ SslHdrParseOptions(int argc, const char **argv)
   }
 
   // Pick up the remaining options as SSL header expansions.
+  hdr->expansions.resize(argc - optind);
   for (int i = optind; i < argc; ++i) {
-    SslHdrExpansion exp;
-    if (!SslHdrParseExpansion(argv[i], exp)) {
+    if (!SslHdrParseExpansion(argv[i], hdr->expansions[i - optind])) {
       // If we fail, the expansion parsing logs the error.
       return nullptr;
     }
-
-    hdr->expansions.push_back(&exp);
   }
 
   return hdr.release();
diff --git a/plugins/experimental/sslheaders/sslheaders.h b/plugins/experimental/sslheaders/sslheaders.h
index b7b66dd..ff72100 100644
--- a/plugins/experimental/sslheaders/sslheaders.h
+++ b/plugins/experimental/sslheaders/sslheaders.h
@@ -19,7 +19,7 @@
 #include <ts/ts.h>
 #include <ts/remap.h>
 #include <cstring>
-#include <list>
+#include <vector>
 #include <string>
 
 extern "C" {
@@ -67,13 +67,15 @@ struct SslHdrExpansion {
   ExpansionScope scope;
   ExpansionField field;
 
-  // noncopyable
+  // noncopyable but moveable
   SslHdrExpansion(const SslHdrExpansion &) = delete;
   SslHdrExpansion &operator=(const SslHdrExpansion &) = delete;
+  SslHdrExpansion(SslHdrExpansion &&)                 = default;
+  SslHdrExpansion &operator=(SslHdrExpansion &&) = default;
 };
 
 struct SslHdrInstance {
-  typedef std::list<SslHdrExpansion *> expansion_list;
+  typedef std::vector<SslHdrExpansion> expansion_list;
 
   SslHdrInstance();
   ~SslHdrInstance();


Mime
View raw message