From: Willy Tarreau <w@1wt.eu>
Date: Thu, 22 Dec 2016 20:16:08 +0000 (+0100)
Subject: MINOR: ssl_sock: implement and use prepare_srv()/destroy_srv()
X-Git-Tag: v1.8-dev1~198
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=17d4538044fc37b9b4cccdc21543b183d5b69a0b;p=thirdparty%2Fhaproxy.git

MINOR: ssl_sock: implement and use prepare_srv()/destroy_srv()

Now we can simply check the transport layer at run time and decide
whether or not to initialize or destroy these entries. This removes
other ifdefs and includes from cfgparse.c, haproxy.c and hlua.c.
---

diff --git a/src/cfgparse.c b/src/cfgparse.c
index 97adb9f2fd..2f75c16605 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -84,11 +84,6 @@
 #include <proto/task.h>
 #include <proto/tcp_rules.h>
 
-#ifdef USE_OPENSSL
-#include <types/ssl_sock.h>
-#include <proto/ssl_sock.h>
-#include <proto/shctx.h>
-#endif /*USE_OPENSSL */
 
 /* This is the SSLv3 CLIENT HELLO packet used in conjunction with the
  * ssl-hello-chk option to ensure that the remote server speaks SSL.
@@ -8286,10 +8281,11 @@ out_uri_auth_compat:
 				newsrv->minconn = newsrv->maxconn;
 			}
 
-#ifdef USE_OPENSSL
-			if (newsrv->use_ssl || newsrv->check.use_ssl)
-				cfgerr += ssl_sock_prepare_srv_ctx(newsrv);
-#endif /* USE_OPENSSL */
+			/* this will also properly set the transport layer for prod and checks */
+			if (newsrv->use_ssl || newsrv->check.use_ssl) {
+				if (xprt_get(XPRT_SSL) && xprt_get(XPRT_SSL)->prepare_srv)
+					cfgerr += xprt_get(XPRT_SSL)->prepare_srv(newsrv);
+			}
 
 			/* set the check type on the server */
 			newsrv->check.type = curproxy->options2 & PR_O2_CHK_ANY;
diff --git a/src/haproxy.c b/src/haproxy.c
index adffda9240..611371ca24 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -1446,10 +1446,11 @@ static void deinit(void)
 			free(s->agent.bo);
 			free(s->agent.send_string);
 			free((char*)s->conf.file);
-#ifdef USE_OPENSSL
-			if (s->use_ssl || s->check.use_ssl)
-				ssl_sock_free_srv_ctx(s);
-#endif
+
+			if (s->use_ssl || s->check.use_ssl) {
+				if (xprt_get(XPRT_SSL) && xprt_get(XPRT_SSL)->destroy_srv)
+					xprt_get(XPRT_SSL)->destroy_srv(s);
+			}
 			free(s);
 			s = s_next;
 		}/* end while(s) */
diff --git a/src/hlua.c b/src/hlua.c
index 0ed8ec99f3..c343a7b39e 100644
--- a/src/hlua.c
+++ b/src/hlua.c
@@ -48,7 +48,6 @@
 #include <proto/server.h>
 #include <proto/session.h>
 #include <proto/stream.h>
-#include <proto/ssl_sock.h>
 #include <proto/stream_interface.h>
 #include <proto/task.h>
 #include <proto/tcp_rules.h>
@@ -7697,7 +7696,8 @@ void hlua_init(void)
 	}
 
 	/* Initialize SSL server. */
-	ssl_sock_prepare_srv_ctx(&socket_ssl);
+	if (socket_ssl.xprt->prepare_srv)
+		socket_ssl.xprt->prepare_srv(&socket_ssl);
 #endif
 
 	RESET_SAFE_LJMP(gL.T);
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index f5d4920a9d..b39f3264e1 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -6660,6 +6660,8 @@ static struct xprt_ops ssl_sock = {
 	.init     = ssl_sock_init,
 	.prepare_bind_conf = ssl_sock_prepare_bind_conf,
 	.destroy_bind_conf = ssl_sock_destroy_bind_conf,
+	.prepare_srv = ssl_sock_prepare_srv_ctx,
+	.destroy_srv = ssl_sock_free_srv_ctx,
 	.name     = "SSL",
 };