MINOR: listener/ssl: set the SSL xprt layer only once the whole config is known

We used to preset XPRT_SSL on bind_conf->xprt when parsing the "ssl"
keyword, which required to be careful about what QUIC could have set
before, and which makes it impossible to consider the whole line to
set all options.

Now that we have the BC_O_USE_SSL option on the bind_conf, it becomes
easier to set XPRT_SSL only once the bind_conf's args are parsed.

diff --git a/src/cfgparse-ssl.c b/src/cfgparse-ssl.c
index fad0828f2edeb16c9bfc5d792381d4a7c4781eda..6abcd38ebbb60d6251b2e1b4ca14c0d670233f1f 100644 (file)
--- a/src/cfgparse-ssl.c
+++ b/src/cfgparse-ssl.c
@@ -1115,9 +1115,6 @@ static int bind_parse_alpn(char **args, int cur_arg, struct proxy *px, struct bi
 /* parse the "ssl" bind keyword */
 static int bind_parse_ssl(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
 {
-       /* Do not change the xprt for QUIC. */
-       if (conf->xprt != xprt_get(XPRT_QUIC))
-               conf->xprt = &ssl_sock;
        conf->options |= BC_O_USE_SSL;
 
        if (global_ssl.listen_default_ciphers && !conf->ssl_conf.ciphers)

diff --git a/src/listener.c b/src/listener.c
index 3efe6c1c83a3051e9bd5d3a30ccf44349da9d456..929c2387aac19b7c28af0a07cc0a2b16660eb462 100644 (file)
--- a/src/listener.c
+++ b/src/listener.c
@@ -1656,6 +1656,9 @@ int bind_parse_args_list(struct bind_conf *bind_conf, char **args, int cur_arg,
                goto out;
 #endif
        }
+       else if (bind_conf->options & BC_O_USE_SSL) {
+               bind_conf->xprt = xprt_get(XPRT_SSL);
+       }
 
  out:
        return err_code;