CLEANUP: ssl: make inclusion of openssl headers safe

It's always a pain to have to stuff lots of #ifdef USE_OPENSSL around
ssl headers, it even results in some of them appearing in a random order
and multiple times just to benefit form an existing ifdef block. Let's
make these headers safe for inclusion when USE_OPENSSL is not defined,
they now perform the test themselves and do nothing if USE_OPENSSL is
not defined. This allows to remove no less than 8 such ifdef blocks
and make include blocks more readable.

diff --git a/include/common/openssl-compat.h b/include/common/openssl-compat.h
index 0ceca08376366b40a0c16fb36423cd1fc98e975c..55d874d84e6dd7be5fc2a4798e7870a3634c1c53 100644 (file)
--- a/include/common/openssl-compat.h
+++ b/include/common/openssl-compat.h
@@ -1,5 +1,6 @@
 #ifndef _COMMON_OPENSSL_COMPAT_H
 #define _COMMON_OPENSSL_COMPAT_H
+#ifdef USE_OPENSSL
 
 #include <openssl/bn.h>
 #include <openssl/crypto.h>
@@ -233,4 +234,5 @@ static inline int EVP_PKEY_base_id(EVP_PKEY *pkey)
 #define TLS_TICKET_HASH_FUNCT EVP_sha256
 #endif /* OPENSSL_NO_SHA256 */
 
+#endif /* USE_OPENSSL */
 #endif /* _COMMON_OPENSSL_COMPAT_H */

diff --git a/include/proto/ssl_sock.h b/include/proto/ssl_sock.h
index f3d3ff8f53e21ae2deedc2b1273560ed6ad38849..23507ca5e289f5c23a75021b6d0f61b8d29f9c1c 100644 (file)
--- a/include/proto/ssl_sock.h
+++ b/include/proto/ssl_sock.h
@@ -21,6 +21,8 @@
 
 #ifndef _PROTO_SSL_SOCK_H
 #define _PROTO_SSL_SOCK_H
+#ifdef USE_OPENSSL
+
 #include <common/openssl-compat.h>
 
 #include <types/connection.h>
@@ -28,6 +30,8 @@
 #include <types/proxy.h>
 #include <types/stream_interface.h>
 
+#include <proto/connection.h>
+
 extern int sslconns;
 extern int totalsslconns;
 
@@ -99,6 +103,7 @@ void ssl_async_fd_free(int fd);
 
 #define sh_ssl_sess_tree_lookup(k)     (struct sh_ssl_sess_hdr *)ebmb_lookup(sh_ssl_sess_tree, \
                                                                     (k), SSL_MAX_SSL_SESSION_ID_LENGTH);
+#endif /* USE_OPENSSL */
 #endif /* _PROTO_SSL_SOCK_H */
 
 /*

diff --git a/include/types/server.h b/include/types/server.h
index 2951cf68fe13d157ec9a8902dc6fa1fb54d57dff..0d53d26009da3c86b755fc4453a8ca98092ae36d 100644 (file)
--- a/include/types/server.h
+++ b/include/types/server.h
@@ -25,14 +25,10 @@
 #include <netinet/in.h>
 #include <arpa/inet.h>
 
-#ifdef USE_OPENSSL
-#include <common/openssl-compat.h>
-#include <types/ssl_sock.h>
-#endif
-
 #include <common/config.h>
 #include <common/mini-clist.h>
 #include <common/hathreads.h>
+#include <common/openssl-compat.h>
 
 #include <eb32tree.h>
 
@@ -43,6 +39,7 @@
 #include <types/obj_type.h>
 #include <types/proxy.h>
 #include <types/queue.h>
+#include <types/ssl_sock.h>
 #include <types/task.h>
 #include <types/checks.h>
 

diff --git a/include/types/ssl_sock.h b/include/types/ssl_sock.h
index 45f89c9b872e22e31cfc5e4086f1d6c26cc1d306..0c863572a470d4a340ebcd5459c49e23a1d00757 100644 (file)
--- a/include/types/ssl_sock.h
+++ b/include/types/ssl_sock.h
@@ -21,6 +21,7 @@
 
 #ifndef _TYPES_SSL_SOCK_H
 #define _TYPES_SSL_SOCK_H
+#ifdef USE_OPENSSL
 
 #include <ebmbtree.h>
 
@@ -84,4 +85,5 @@ struct sh_ssl_sess_hdr {
        unsigned char key_data[SSL_MAX_SSL_SESSION_ID_LENGTH];
 };
 
+#endif /* USE_OPENSSL */
 #endif /* _TYPES_SSL_SOCK_H */

diff --git a/src/backend.c b/src/backend.c
index b7894f8a253eb5d88a3a32b7af31dd5b1f762e34..467ef57a9b0cd3eb33c40b203e036a7db969e5bb 100644 (file)
--- a/src/backend.c
+++ b/src/backend.c
@@ -57,11 +57,8 @@
 #include <proto/session.h>
 #include <proto/stream.h>
 #include <proto/stream_interface.h>
-#include <proto/task.h>
-
-#ifdef USE_OPENSSL
 #include <proto/ssl_sock.h>
-#endif /* USE_OPENSSL */
+#include <proto/task.h>
 
 int be_lastsession(const struct proxy *be)
 {

diff --git a/src/checks.c b/src/checks.c
index 63d9e03401d2bd1a3ce6d2f613c8d50cb9b0b2b9..d264aecf8d3c3674c982c530d6bf15b61cf1bb66 100644 (file)
--- a/src/checks.c
+++ b/src/checks.c
@@ -60,10 +60,7 @@
 #include <proto/log.h>
 #include <proto/dns.h>
 #include <proto/proto_udp.h>
-
-#ifdef USE_OPENSSL
 #include <proto/ssl_sock.h>
-#endif /* USE_OPENSSL */
 
 static int httpchk_expect(struct server *s, int done);
 static int tcpcheck_get_step_id(struct check *);

diff --git a/src/cli.c b/src/cli.c
index fe50d9d176c3aa07132ddd0c0873edb549b323bb..3aa5f230bf27772079b10339e3cc0b0f5e8b5bd3 100644 (file)
--- a/src/cli.c
+++ b/src/cli.c
@@ -66,12 +66,10 @@
 #include <proto/session.h>
 #include <proto/stream.h>
 #include <proto/server.h>
+#include <proto/ssl_sock.h>
 #include <proto/stream_interface.h>
 #include <proto/task.h>
 #include <proto/proto_udp.h>
-#ifdef USE_OPENSSL
-#include <proto/ssl_sock.h>
-#endif
 
 #define PAYLOAD_PATTERN "<<"
 

diff --git a/src/connection.c b/src/connection.c
index 2a66996b2603c304b6996aeb1bd5b7e6d6bb15f7..adedb411ddd598d483941712a4495b4547a3b33b 100644 (file)
--- a/src/connection.c
+++ b/src/connection.c
@@ -25,10 +25,7 @@
 #include <proto/proto_tcp.h>
 #include <proto/stream_interface.h>
 #include <proto/sample.h>
-
-#ifdef USE_OPENSSL
 #include <proto/ssl_sock.h>
-#endif
 
 DECLARE_POOL(pool_head_connection, "connection",  sizeof(struct connection));
 DECLARE_POOL(pool_head_connstream, "conn_stream", sizeof(struct conn_stream));

diff --git a/src/haproxy.c b/src/haproxy.c
index e085ce2c21233bf78c4dade6bfed3b2842c00989..a47b7dd32ffe6f9b25a30a3c374f6e69dcd9dcfd 100644 (file)
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -83,6 +83,7 @@
 #include <common/memory.h>
 #include <common/mini-clist.h>
 #include <common/namespace.h>
+#include <common/openssl-compat.h>
 #include <common/regex.h>
 #include <common/standard.h>
 #include <common/time.h>
@@ -125,10 +126,7 @@
 #include <proto/task.h>
 #include <proto/dns.h>
 #include <proto/vars.h>
-#ifdef USE_OPENSSL
-#include <common/openssl-compat.h>
 #include <proto/ssl_sock.h>
-#endif
 
 /* array of init calls for older platforms */
 DECLARE_INIT_STAGES;

diff --git a/src/log.c b/src/log.c
index a075b85e46a34df141dceed66f6583667bd370af..7e14d89e2cb846c7443b960c7bbc3f6496b8fbe2 100644 (file)
--- a/src/log.c
+++ b/src/log.c
@@ -39,11 +39,9 @@
 #include <proto/frontend.h>
 #include <proto/log.h>
 #include <proto/sample.h>
+#include <proto/ssl_sock.h>
 #include <proto/stream.h>
 #include <proto/stream_interface.h>
-#ifdef USE_OPENSSL
-#include <proto/ssl_sock.h>
-#endif
 
 struct log_fmt {
        char *name;

diff --git a/src/stats.c b/src/stats.c
index 6965ad247791561d6c6908b4384cc037347867a6..dc57e857e4ad938a511a43c2095b0758a3262311 100644 (file)
--- a/src/stats.c
+++ b/src/stats.c
@@ -66,17 +66,13 @@
 #include <proto/proxy.h>
 #include <proto/sample.h>
 #include <proto/session.h>
+#include <proto/ssl_sock.h>
 #include <proto/stream.h>
 #include <proto/server.h>
 #include <proto/raw_sock.h>
 #include <proto/stream_interface.h>
 #include <proto/task.h>
 
-#ifdef USE_OPENSSL
-#include <proto/ssl_sock.h>
-#include <types/ssl_sock.h>
-#endif
-
 
 /* status codes available for the stats admin page (strictly 4 chars length) */
 const char *stat_status_codes[STAT_STATUS_SIZE] = {