REORG: ssl: move structures to ssl_sock.h

diff --git a/include/types/ssl_sock.h b/include/types/ssl_sock.h
index 0c863572a470d4a340ebcd5459c49e23a1d00757..e0b1a80d83e9942cd73ded3d0228f7ea770b3ece 100644 (file)
--- a/include/types/ssl_sock.h
+++ b/include/types/ssl_sock.h
@@ -85,5 +85,50 @@ struct sh_ssl_sess_hdr {
        unsigned char key_data[SSL_MAX_SSL_SESSION_ID_LENGTH];
 };
 
+/* This is used to preload the certifcate, private key
+ * and Cert Chain of a file passed in via the crt
+ * argument
+ *
+ * This way, we do not have to read the file multiple times
+ */
+struct cert_key_and_chain {
+       X509 *cert;
+       EVP_PKEY *key;
+       STACK_OF(X509) *chain;
+       DH *dh;
+};
+
+/*
+ * this is used to store 1 to SSL_SOCK_NUM_KEYTYPES cert_key_and_chain and
+ * metadata.
+ */
+struct ckch_store {
+       struct cert_key_and_chain *ckch;
+       int multi; /* is it a multi-cert bundle ? */
+       struct ebmb_node node;
+       char path[0];
+};
+
+
+#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
+
+#define SSL_SOCK_POSSIBLE_KT_COMBOS (1<<(SSL_SOCK_NUM_KEYTYPES))
+
+struct key_combo_ctx {
+       SSL_CTX *ctx;
+       int order;
+};
+
+/* Map used for processing multiple keypairs for a single purpose
+ *
+ * This maps CN/SNI name to certificate type
+ */
+struct sni_keytype {
+       int keytypes;                     /* BITMASK for keytypes */
+       struct ebmb_node name;    /* node holding the servername value */
+};
+
+#endif
+
 #endif /* USE_OPENSSL */
 #endif /* _TYPES_SSL_SOCK_H */

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 12f367d19c2eaff585d2e79f930a1de314b00aa5..9f6d2b6c8598f47a58cac2c436c7da9ae8911486 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -2797,58 +2797,11 @@ static int ssl_sock_add_cert_sni(SSL_CTX *ctx, struct bind_conf *s, struct ssl_b
        return order;
 }
 
-
-/* The following code is used for loading multiple crt files into
- * SSL_CTX's based on CN/SAN
- */
-/* This is used to preload the certifcate, private key
- * and Cert Chain of a file passed in via the crt
- * argument
- *
- * This way, we do not have to read the file multiple times
- */
-struct cert_key_and_chain {
-       X509 *cert;
-       EVP_PKEY *key;
-       STACK_OF(X509) *chain;
-       DH *dh;
-};
-
-/*
- * this is used to store 1 to SSL_SOCK_NUM_KEYTYPES cert_key_and_chain and
- * metadata.
- */
-struct ckch_store {
-       struct cert_key_and_chain *ckch;
-       int multi; /* is it a multi-cert bundle ? */
-       struct ebmb_node node;
-       char path[0];
-};
-
 /*
  * tree used to store the ckchs ordered by filename/bundle name
  */
 struct eb_root ckchs_tree = EB_ROOT_UNIQUE;
 
-#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
-
-#define SSL_SOCK_POSSIBLE_KT_COMBOS (1<<(SSL_SOCK_NUM_KEYTYPES))
-
-struct key_combo_ctx {
-       SSL_CTX *ctx;
-       int order;
-};
-
-/* Map used for processing multiple keypairs for a single purpose
- *
- * This maps CN/SNI name to certificate type
- */
-struct sni_keytype {
-       int keytypes;                     /* BITMASK for keytypes */
-       struct ebmb_node name;    /* node holding the servername value */
-};
-
-#endif
 
 /* Loads Diffie-Hellman parameter from a ckchs. Returns 1 if loaded, else -1
    if an error occurred, and 0 if parameter not found. */