mirror of
https://github.com/haproxy/haproxy.git
synced 2026-05-15 18:39:23 -04:00
2be6744189
In order for the code behind the "commit ssl cert" logic to be usable outside of the CLI context, some new "ckch_store_update_" functions are created. They allow to perform all the operations on ckch_stores to be performed without needing an appctx. The first function being called is ckch_store_update_init which mainly takes the ckch_store lock and checks that there is an ongoing transaction with the proper path (which was already done in cli_parse_commit_cert). The main one is ckch_store_update_process which replicates the logic that could be found in the cli_io_handler_commit_cert function. We iterate over the ckch instances of an existing ckch store and duplicate them in the new ckch store which is still detached from the tree, before replacing the old store with the new one. This whole operation could take some time so we were yielding every 10 instances or when applet_putstr calls would fail. The actual ckch_store operations and the applet related calls are now decorrelated in order to stop having to have an appctx during the ckch store/instances processing. The ckch_store_update_process will now update a "msg" buffer and a "state" that allow to send processing messages to the caller as well as keep the state of the processing "state machine". When the ckch_store_update_process loop is over, ckch_store_update_cleanup can be called to release the lock and free some now useless structures. |
||
|---|---|---|
| .. | ||
| haproxy | ||
| import | ||
| make | ||