Rearrange mtls code
This commit moves the mTLS code into its own method so that it is
self-contained, rather than being one large block in the connection
constructor.
Tested:
Ran instructions at
https://github.com/openbmc/docs/blob/master/security/TLS-configuration.md
Verified that the final call to SessionService in those instructions
succeeded.
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: I170723b0e9368e625412fc895e48f796cc54b9ce
diff --git a/http/http_connection.hpp b/http/http_connection.hpp
index fb64014..4df9300 100644
--- a/http/http_connection.hpp
+++ b/http/http_connection.hpp
@@ -72,6 +72,29 @@
req.emplace(parser->get());
#ifdef BMCWEB_ENABLE_MUTUAL_TLS_AUTHENTICATION
+ prepareMutualTls();
+#endif // BMCWEB_ENABLE_MUTUAL_TLS_AUTHENTICATION
+
+#ifdef BMCWEB_ENABLE_DEBUG
+ connectionCount++;
+ BMCWEB_LOG_DEBUG << this << " Connection open, total "
+ << connectionCount;
+#endif
+ }
+
+ ~Connection()
+ {
+ res.completeRequestHandler = nullptr;
+ cancelDeadlineTimer();
+#ifdef BMCWEB_ENABLE_DEBUG
+ connectionCount--;
+ BMCWEB_LOG_DEBUG << this << " Connection closed, total "
+ << connectionCount;
+#endif
+ }
+
+ void prepareMutualTls()
+ {
std::error_code error;
std::filesystem::path caPath(ensuressl::trustStorePath);
auto caAvailable = !std::filesystem::is_empty(caPath, error);
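Review bot: The definition of `prepareMutualTls()` is no longer covered by `#ifdef BMCWEB_ENABLE_MUTUAL_TLS_AUTHENTICATION`. The guard now closes right after the call in the constructor, and the old `#endif` after the verify callback is removed in the second hunk, so the method exists in every build. If that is intended, a comment such as `// Only called when BMCWEB_ENABLE_MUTUAL_TLS_AUTHENTICATION is defined` above the method would record it; otherwise wrap the definition in the same `#ifdef`/`#endif` pair. Separately, `std::filesystem::is_empty(caPath, error)` returns false on failure, so `caAvailable` starts out true for a missing or unreadable trust store. The body continues outside the hunk, so please confirm `error` is checked before the verify mode is chosen, e.g. `caAvailable = caAvailable && !error;`.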
@@ -252,24 +275,6 @@
}
return true;
});
-#endif // BMCWEB_ENABLE_MUTUAL_TLS_AUTHENTICATION
-
-#ifdef BMCWEB_ENABLE_DEBUG
- connectionCount++;
- BMCWEB_LOG_DEBUG << this << " Connection open, total "
- << connectionCount;
-#endif
- }
-
- ~Connection()
- {
- res.completeRequestHandler = nullptr;
- cancelDeadlineTimer();
-#ifdef BMCWEB_ENABLE_DEBUG
- connectionCount--;
- BMCWEB_LOG_DEBUG << this << " Connection closed, total "
- << connectionCount;
-#endif
}
Adaptor& socket()