MINOR: global: always export some SSL-specific metrics

We'll need to know the number of SSL connections, their use and their
cost soon. In order to avoid getting tons of ifdefs everywhere, always
export SSL information in the global section. We add two flags to know
whether or not SSL is used in a frontend and in a backend.

diff --git a/include/types/global.h b/include/types/global.h
index 22490b06b53d40a9882757d9dca2d78d58ddfae4..ab80c72e0c3d727a56084e9b770454001e6d8e17 100644 (file)
--- a/include/types/global.h
+++ b/include/types/global.h
@@ -83,8 +83,10 @@ struct global {
        int external_check;
        int nbproc;
        int maxconn, hardmaxconn;
-#ifdef USE_OPENSSL
        int maxsslconn;
+       int ssl_used_frontend;      /* non-zero if SSL is used in a frontend */
+       int ssl_used_backend;       /* non-zero if SSL is used in a backend */
+#ifdef USE_OPENSSL
        char *listen_default_ciphers;
        char *connect_default_ciphers;
        int listen_default_ssloptions;
@@ -138,8 +140,8 @@ struct global {
                int pipesize;      /* pipe size in bytes, system defaults if zero */
                int max_http_hdr;  /* max number of HTTP headers, use MAX_HTTP_HDR if zero */
                int cookie_len;    /* max length of cookie captures */
-#ifdef USE_OPENSSL
                int sslcachesize;  /* SSL cache size in session, defaults to 20000 */
+#ifdef USE_OPENSSL
                int sslprivatecache; /* Force to use a private session cache even if nbproc > 1 */
                unsigned int ssllifetime;   /* SSL session lifetime in seconds */
                unsigned int ssl_max_record; /* SSL max record size */

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 6edc14950d829aaa6aa9263d938b618c22174be0..3bf71cf358f3038d1e5d289b7df0db5bfe212dc0 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -1820,7 +1820,10 @@ int ssl_sock_prepare_srv_ctx(struct server *srv, struct proxy *curproxy)
                cfgerr++;
        }
 
-        /* Initiate SSL context for current server */
+       /* Automatic memory computations need to know we use SSL there */
+       global.ssl_used_backend = 1;
+
+       /* Initiate SSL context for current server */
        srv->ssl_ctx.reused_sess = NULL;
        if (srv->use_ssl)
                srv->xprt = &ssl_sock;
@@ -1962,6 +1965,9 @@ int ssl_sock_prepare_all_ctx(struct bind_conf *bind_conf, struct proxy *px)
        if (!bind_conf || !bind_conf->is_ssl)
                return 0;
 
+       /* Automatic memory computations need to know we use SSL there */
+       global.ssl_used_frontend = 1;
+
        if (bind_conf->default_ctx)
                err += ssl_sock_prepare_ctx(bind_conf, bind_conf->default_ctx, px);