From: William Lallemand Date: Thu, 14 May 2020 22:20:53 +0000 (+0200) Subject: REORG: ssl: move ssl_sock_ctx and fix cross-dependencies issues X-Git-Tag: v2.2-dev8~56 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c0cdaffaa338;p=thirdparty%2Fhaproxy.git REORG: ssl: move ssl_sock_ctx and fix cross-dependencies issues In order to move all SSL sample fetches in another file, moving the ssl_sock_ctx definition in a .h file is required. Unfortunately it became a cross dependencies hell to solve, because of the struct wait_event field, so is needed which created other problems. --- diff --git a/include/proto/ssl_sock.h b/include/proto/ssl_sock.h index a01e29ef61..32b7a335ae 100644 --- a/include/proto/ssl_sock.h +++ b/include/proto/ssl_sock.h @@ -28,6 +28,7 @@ #include #include #include +#include #include #include diff --git a/include/types/listener.h b/include/types/listener.h index 4b71ddbcb0..997a597206 100644 --- a/include/types/listener.h +++ b/include/types/listener.h @@ -27,7 +27,6 @@ #ifdef USE_OPENSSL #include -#include #endif #include @@ -112,6 +111,12 @@ enum li_state { #define BC_SSL_O_PREF_CLIE_CIPH 0x0200 /* prefer client ciphers */ #endif +struct tls_version_filter { + uint16_t flags; /* ssl options */ + uint8_t min; /* min TLS version */ + uint8_t max; /* max TLS version */ +}; + /* ssl "bind" settings */ struct ssl_bind_conf { #ifdef USE_OPENSSL diff --git a/include/types/ssl_sock.h b/include/types/ssl_sock.h index e6b092e663..99c964d6ed 100644 --- a/include/types/ssl_sock.h +++ b/include/types/ssl_sock.h @@ -27,6 +27,7 @@ #include #include +#include /* struct wait_event */ #include #include @@ -131,12 +132,6 @@ struct sni_ctx { struct ebmb_node name; /* node holding the servername value */ }; -struct tls_version_filter { - uint16_t flags; /* ssl options */ - uint8_t min; /* min TLS version */ - uint8_t max; /* max TLS version */ -}; - extern struct list tlskeys_reference; struct tls_sess_key_128 { 
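Review bot: The comments on `min` and `max` in the relocated `struct tls_version_filter` (second include/types/listener.h hunk) do not say how a TLS version is encoded. A `uint8_t` cannot hold a wire protocol version, so the values are presumably small indices into the project's own version table rather than protocol numbers. Because these two fields bound which protocol versions are accepted, I would state the encoding on the fields, e.g. `uint8_t min; /* lowest TLS version accepted, as a version-table index (confirm) */` and the same for `max`. The struct is also now placed after the `#endif`, so it is defined even without USE_OPENSSL; that looks intended, but a short comment above it saying so would spare the next reader the question.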
@@ -233,6 +228,20 @@ struct ssl_capture {
 char ciphersuite[0];
 };
 
+struct ssl_sock_ctx {
+ struct connection *conn;
+ SSL *ssl;
+ BIO *bio;
+ const struct xprt_ops *xprt;
+ void *xprt_ctx;
+ struct wait_event wait_event;
+ struct wait_event *subs;
+ int xprt_st; /* transport layer state, initialized to zero */
+ struct buffer early_buf; /* buffer to store the early data received */
+ int sent_early_data; /* Amount of early data we sent so far */
+
+};
+
 struct global_ssl {
 char *crt_base; /* base directory path for certificates */
 char *ca_base; /* base directory path for CAs and CRLs */
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index e0326c0373..684a419a9e 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -143,20 +143,6 @@ struct global_ssl global_ssl = {
 
 static BIO_METHOD *ha_meth;
 
-struct ssl_sock_ctx {
- struct connection *conn;
- SSL *ssl;
- BIO *bio;
- const struct xprt_ops *xprt;
- void *xprt_ctx;
- struct wait_event wait_event;
- struct wait_event *subs;
- int xprt_st; /* transport layer state, initialized to zero */
- struct buffer early_buf; /* buffer to store the early data received */
- int sent_early_data; /* Amount of early data we sent so far */
-
-};
-
 DECLARE_STATIC_POOL(ssl_sock_ctx_pool, "ssl_sock_ctx_pool", sizeof(struct ssl_sock_ctx));
 
 static struct task *ssl_sock_io_cb(struct task *, void *, unsigned short);
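Review bot: `struct ssl_sock_ctx` becomes visible to every includer of include/types/ssl_sock.h in the `@@ -233,6 +228,20 @@` hunk, yet it has no header comment and seven of its ten fields (`conn`, `ssl`, `bio`, `xprt`, `xprt_ctx`, `wait_event`, `subs`) carry no comment at all. The allocation pool stays static in src/ssl_sock.c (the `DECLARE_STATIC_POOL` context line of the following hunk), so I would add a comment above the struct saying that instances are presumably created and released only in that file and that other files should treat the context as read-only, with a short note on who owns `ssl` and `bio`. `early_buf` and `wait_event` are embedded by value, so this header needs the complete definitions of both `struct buffer` and `struct wait_event`; the include targets are not legible on this page, so that is worth confirming on a build without the other SSL headers pulled in first. The empty line before the closing `};` could be dropped while the struct is being moved.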