From: Willy Tarreau Date: Fri, 10 May 2019 07:58:43 +0000 (+0200) Subject: CLEANUP: ssl: make inclusion of openssl headers safe X-Git-Tag: v2.0-dev3~61 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c125cef6da5d9c5a628e266b57811e5309b363b0;p=thirdparty%2Fhaproxy.git CLEANUP: ssl: make inclusion of openssl headers safe It's always a pain to have to stuff lots of #ifdef USE_OPENSSL around ssl headers, it even results in some of them appearing in a random order and multiple times just to benefit form an existing ifdef block. Let's make these headers safe for inclusion when USE_OPENSSL is not defined, they now perform the test themselves and do nothing if USE_OPENSSL is not defined. This allows to remove no less than 8 such ifdef blocks and make include blocks more readable. --- diff --git a/include/common/openssl-compat.h b/include/common/openssl-compat.h index 0ceca08376..55d874d84e 100644 --- a/include/common/openssl-compat.h +++ b/include/common/openssl-compat.h @@ -1,5 +1,6 @@ #ifndef _COMMON_OPENSSL_COMPAT_H #define _COMMON_OPENSSL_COMPAT_H +#ifdef USE_OPENSSL #include #include @@ -233,4 +234,5 @@ static inline int EVP_PKEY_base_id(EVP_PKEY *pkey) #define TLS_TICKET_HASH_FUNCT EVP_sha256 #endif /* OPENSSL_NO_SHA256 */ +#endif /* USE_OPENSSL */ #endif /* _COMMON_OPENSSL_COMPAT_H */ diff --git a/include/proto/ssl_sock.h b/include/proto/ssl_sock.h index f3d3ff8f53..23507ca5e2 100644 --- a/include/proto/ssl_sock.h +++ b/include/proto/ssl_sock.h @@ -21,6 +21,8 @@ #ifndef _PROTO_SSL_SOCK_H #define _PROTO_SSL_SOCK_H +#ifdef USE_OPENSSL + #include #include @@ -28,6 +30,8 @@ #include #include +#include + extern int sslconns; extern int totalsslconns; @@ -99,6 +103,7 @@ void ssl_async_fd_free(int fd); #define sh_ssl_sess_tree_lookup(k) (struct sh_ssl_sess_hdr *)ebmb_lookup(sh_ssl_sess_tree, \ (k), SSL_MAX_SSL_SESSION_ID_LENGTH); +#endif /* USE_OPENSSL */ #endif /* _PROTO_SSL_SOCK_H */ /* diff --git a/include/types/server.h b/include/types/server.h index 2951cf68fe..0d53d26009 100644 --- a/include/types/server.h +++ b/include/types/server.h @@ -25,14 +25,10 @@ #include #include -#ifdef USE_OPENSSL -#include -#include -#endif - #include #include #include +#include #include @@ -43,6 +39,7 @@ #include #include #include +#include #include #include diff --git a/include/types/ssl_sock.h b/include/types/ssl_sock.h index 45f89c9b87..0c863572a4 100644 --- a/include/types/ssl_sock.h +++ b/include/types/ssl_sock.h @@ -21,6 +21,7 @@ #ifndef _TYPES_SSL_SOCK_H #define _TYPES_SSL_SOCK_H +#ifdef USE_OPENSSL #include @@ -84,4 +85,5 @@ struct sh_ssl_sess_hdr { unsigned char key_data[SSL_MAX_SSL_SESSION_ID_LENGTH]; }; +#endif /* USE_OPENSSL */ #endif /* _TYPES_SSL_SOCK_H */ diff --git a/src/backend.c b/src/backend.c index b7894f8a25..467ef57a9b 100644 --- a/src/backend.c +++ b/src/backend.c @@ -57,11 +57,8 @@ #include #include #include -#include - -#ifdef USE_OPENSSL #include -#endif /* USE_OPENSSL */ +#include int be_lastsession(const struct proxy *be) { diff --git a/src/checks.c b/src/checks.c index 63d9e03401..d264aecf8d 100644 --- a/src/checks.c +++ b/src/checks.c @@ -60,10 +60,7 @@ #include #include #include - -#ifdef USE_OPENSSL #include -#endif /* USE_OPENSSL */ static int httpchk_expect(struct server *s, int done); static int tcpcheck_get_step_id(struct check *); diff --git a/src/cli.c b/src/cli.c index fe50d9d176..3aa5f230bf 100644 --- a/src/cli.c +++ b/src/cli.c @@ -66,12 +66,10 @@ #include #include #include +#include #include #include #include -#ifdef USE_OPENSSL -#include -#endif #define PAYLOAD_PATTERN "<<" diff --git a/src/connection.c b/src/connection.c index 2a66996b26..adedb411dd 100644 --- a/src/connection.c +++ b/src/connection.c @@ -25,10 +25,7 @@ #include #include #include - -#ifdef USE_OPENSSL #include -#endif DECLARE_POOL(pool_head_connection, "connection", sizeof(struct connection)); DECLARE_POOL(pool_head_connstream, "conn_stream", sizeof(struct conn_stream)); diff --git a/src/haproxy.c b/src/haproxy.c index e085ce2c21..a47b7dd32f 100644 --- a/src/haproxy.c +++ b/src/haproxy.c @@ -83,6 +83,7 @@ #include #include #include +#include #include #include #include @@ -125,10 +126,7 @@ #include #include #include -#ifdef USE_OPENSSL -#include #include -#endif /* array of init calls for older platforms */ DECLARE_INIT_STAGES; diff --git a/src/log.c b/src/log.c index a075b85e46..7e14d89e2c 100644 --- a/src/log.c +++ b/src/log.c @@ -39,11 +39,9 @@ #include #include #include +#include #include #include -#ifdef USE_OPENSSL -#include -#endif struct log_fmt { char *name; diff --git a/src/stats.c b/src/stats.c index 6965ad2477..dc57e857e4 100644 --- a/src/stats.c +++ b/src/stats.c @@ -66,17 +66,13 @@ #include #include #include +#include #include #include #include #include #include -#ifdef USE_OPENSSL -#include -#include -#endif - /* status codes available for the stats admin page (strictly 4 chars length) */ const char *stat_status_codes[STAT_STATUS_SIZE] = {