MINOR: ssl: extract full pkey info in load_certificate

Private key information is used in switchctx to implement native multicert selection (ecdsa/rsa/anonymous). This patch extract and store full pkey information: dsa type and pkey size in bits. This can be used for switchctx or to report pkey informations in ppv2 and log.
2026-02-10 16:52:46 +02:00 · 2017-10-27 18:43:29 +02:00
parent 8c0c34b6e7
commit ddc090bc55
2 changed files with 25 additions and 16 deletions
--- a/include/types/ssl_sock.h
+++ b/include/types/ssl_sock.h
@@ -27,11 +27,16 @@

 #include <common/hathreads.h>

+struct pkey_info {
+	uint8_t sig;          /* TLSEXT_signature_[rsa,ecdsa,...] */
+	uint16_t bits;        /* key size in bits */
+};
+
 struct sni_ctx {
 	SSL_CTX *ctx;             /* context associated to the certificate */
 	int order;                /* load order for the certificate */
 	uint8_t neg;              /* reject if match */
-	uint8_t key_sig;          /* TLSEXT_signature_[rsa,ecdsa,...] */
+	struct pkey_info kinfo;   /* pkey info */
 	struct ssl_bind_conf *conf; /* ssl "bind" conf for the certificate */
 	struct ebmb_node name;    /* node holding the servername value */
 };