Roxen.git/ server/ base_server/ roxen.pike

Branch: Tag:

2020-04-29

2020-04-29 12:03:57 by Henrik Grubbström (Grubba) <grubba@grubba.org>

StartTLSProtocol: Improve backward compat.

Rename the modified ssl_keys to ssl_certs to support uninstalling
the fix for [WS-580].

2615:   #endif    }    +  protected string low_decode_keypair_id(mixed val) { +  if (intp(val)) { +  // Convert from cert keypair id to cert keypair name. +  mapping md = CertDB.get_keypair_metadata(val); +  if (md) return md->name; +  } +  return val; +  } +     void certificates_changed(Variable.Variable|void ignored,    void|int ignore_eaddrinuse)    {    int old_cert_failure = cert_failure;    cert_failure = 0;    -  Variable.Variable Keys = getvar("ssl_keys"); +  Variable.Variable Keys = getvar("ssl_certs");       array(string) keypair_names = Keys->query(); -  +     if (!sizeof(keypair_names)) {    // No new-style certificates configured.    -  +  // Check if there are old-style keypair ids; in case of which +  // this is probably an upgrade from Roxen 6.2. +  Variable.Variable Keypairs = getvar("ssl_keys"); +  array(int) keypair_ids = Keypairs->query(); +  if (sizeof(keypair_ids)) { +  keypair_names = +  filter(map(keypair_ids, low_decode_keypair_id), stringp); +  if (sizeof(keypair_names)) { +  // Certificates found. +  Keys->set(keypair_names); +  +  save(); +  } +  } +  } +  +  if (!sizeof(keypair_names)) { +  // No new-style certificates configured. +     // Check if there are old-style certificates; in case of which -  // this is probably an upgrade. +  // this is probably an upgrade from Roxen 6.1 or earlier.    Variable.Variable Certificates = getvar("ssl_cert_file");    Variable.Variable KeyFile = getvar("ssl_key_file");   
3007:    // changed callback is called. Currently you can get warnings    // that the files don't match if you update both variables    // at the same time. +  getvar ("ssl_certs")->set_changed_callback(certificates_changed);    getvar ("ssl_keys")->set_changed_callback(certificates_changed);    getvar ("ssl_cert_file")->set_changed_callback (certificates_changed);    getvar ("ssl_key_file")->set_changed_callback (certificates_changed);