From: Emeric Brun <ebrun@exceliance.fr>
Date: Fri, 9 May 2014 12:01:48 +0000 (+0200)
Subject: MINOR: ssl: remove fallback to SSL session private cache if lock init fails.
X-Git-Tag: v1.5-dev25~25
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=93ee249fd189d36e10a862ff21091fee30535d4b;p=thirdparty%2Fhaproxy.git

MINOR: ssl: remove fallback to SSL session private cache if lock init fails.

Now, haproxy exit an error saying:
Unable to initialize the lock for the shared SSL session cache. You can retry using
the global statement 'tune.ssl.force-private-cache' but it could increase the CPU
usage due to renegotiation if nbproc > 1.
---

diff --git a/src/cfgparse.c b/src/cfgparse.c
index 60674092f9..90825c0679 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -6765,16 +6765,12 @@ out_uri_auth_compat:
 
 			alloc_ctx = shared_context_init(global.tune.sslcachesize, (!global.tune.sslprivatecache && (global.nbproc > 1)) ? 1 : 0);
 			if (alloc_ctx < 0) {
-				if (alloc_ctx == SHCTX_E_INIT_LOCK) {
-					Warning("Unable to init lock for the shared SSL session cache. Falling back to private cache.\n");
-					alloc_ctx = shared_context_init(global.tune.sslcachesize, 0);
-				}
-
-				if (alloc_ctx < 0) {
+				if (alloc_ctx == SHCTX_E_INIT_LOCK)
+					Alert("Unable to initialize the lock for the shared SSL session cache. You can retry using the global statement 'tune.ssl.force-private-cache' but it could increase CPU usage due to renegotiations if nbproc > 1.\n");
+				else
 					Alert("Unable to allocate SSL session cache.\n");
-					cfgerr++;
-					continue;
-				}
+				cfgerr++;
+				continue;
 			}
 
 			/* initialize all certificate contexts */