tls: openssl: Add setting up interface for certstore

Signed-off-by: Hiroshi Hatake <[email protected]>

Author: cosmo0920

include/fluent-bit/tls/flb_tls.h

@@ -92,6 +92,11 @@ struct flb_tls_backend {
     int (*net_write) (struct flb_tls_session *, const void *data,
                       size_t len);
     int (*net_handshake) (struct flb_tls *, char *, void *);
+
+#if defined(FLB_SYSTEM_WINDOWS)
+    int (*set_certstore_name)(struct flb_tls *tls, const char *certstore_name);
+    int (*set_use_enterprise_store)(struct flb_tls *tls, int use_enterprise);
+#endif
 };
 
 /* Main TLS context */

src/tls/flb_tls.c

@@ -299,27 +299,19 @@ int flb_tls_set_verify_hostname(struct flb_tls *tls, int verify_hostname)
 #if defined(FLB_SYSTEM_WINDOWS)
 int flb_tls_set_certstore_name(struct flb_tls *tls, const char *certstore_name)
 {
-    if (!tls) {
-        return -1;
-    }
-
-    if (tls->certstore_name) {
-        flb_free(tls->certstore_name);
+    if (tls) {
+        return tls->api->set_certstore_name(tls, certstore_name);
     }
 
-    tls->certstore_name = flb_strdup(certstore_name);
-
     return 0;
 }
 
 int flb_tls_set_use_enterprise_store(struct flb_tls *tls, int use_enterprise)
 {
-    if (!tls) {
-        return -1;
+    if (tls) {
+        return tls->api->set_use_enterprise_store(tls, use_enterprise);
     }
 
-    tls->use_enterprise_store = !!use_enterprise;
-
     return 0;
 }
 #endif

src/tls/openssl.c

@@ -152,6 +152,14 @@ static void tls_context_destroy(void *ctx_backend)
         ctx->alpn = NULL;
     }
 
+#if defined(FLB_SYSTEM_WINDOWS)
+    if (ctx->certstore_name != NULL) {
+        flb_free(ctx->certstore_name);
+
+        ctx->certstore_name = NULL;
+    }
+#endif
+
     pthread_mutex_unlock(&ctx->mutex);
 
     flb_free(ctx);
@@ -788,6 +796,34 @@ static int tls_set_ciphers(struct flb_tls *tls, const char *ciphers)
     return 0;
 }
 
+#if defined(FLB_SYSTEM_WINDOWS)
+static int tls_set_certstore_name(struct flb_tls *tls, const char *certstore_name)
+{
+    struct tls_context *ctx = tls->ctx;
+
+    pthread_mutex_lock(&ctx->mutex);
+
+    ctx->certstore_name = flb_strdup(certstore_name);
+
+    pthread_mutex_unlock(&ctx->mutex);
+
+    return 0;
+}
+
+static int tls_set_use_enterprise_store(struct flb_tls *tls, int use_enterprise)
+{
+    struct tls_context *ctx = tls->ctx;
+
+    pthread_mutex_lock(&ctx->mutex);
+
+    ctx->use_enterprise_store = !!use_enterprise;
+
+    pthread_mutex_unlock(&ctx->mutex);
+
+    return 0;
+}
+#endif
+
 static void *tls_session_create(struct flb_tls *tls,
                                 int fd)
 {
@@ -1187,4 +1223,8 @@ static struct flb_tls_backend tls_openssl = {
     .net_read             = tls_net_read,
     .net_write            = tls_net_write,
     .net_handshake        = tls_net_handshake,
+#if defined(FLB_SYSTEM_WINDOWS)
+    .set_certstore_name   = tls_set_certstore_name,
+    .set_use_enterprise_store = tls_set_use_enterprise_store,
+#endif
 };