CLEANUP: listener: replace all uses of bind_conf->is_ssl with BC_O_USE_SSL The new flag will now replace this boolean variable that was only set and tested.

commit: 11ba404c6b309a4f044be25e739e1d42c952947d [log] [tgz]
author: Willy Tarreau <w@1wt.eu> Fri May 20 15:56:32 2022 +0200
committer: Willy Tarreau <w@1wt.eu> Fri May 20 18:39:43 2022 +0200
tree: 897edfa9586a377fb272c2605a8e03e23d5e0111
parent: c694471b2149e97e4f49c1742ffb17cbdb330ac4 [diff]
diff --git a/include/haproxy/listener-t.h b/include/haproxy/listener-t.h
index f22f3b2..54546d1 100644
--- a/include/haproxy/listener-t.h
+++ b/include/haproxy/listener-t.h

@@ -113,6 +113,10 @@
  * maxconn setting to the global.maxsock value so that its resources are reserved.
  */
 
+/* flags used with bind_conf->options */
+#define BC_O_USE_SSL            0x00000001 /* SSL is being used on this bind_conf */
+
+
 /* flags used with bind_conf->ssl_options */
 #ifdef USE_OPENSSL
 #define BC_SSL_O_NONE           0x0000
@@ -177,7 +181,6 @@
 	const struct mux_proto_list *mux_proto; /* the mux to use for all incoming connections (specified by the "proto" keyword) */
 	struct xprt_ops *xprt;     /* transport-layer operations for all listeners */
 	uint options;              /* set of BC_O_* flags */
-	int is_ssl;                /* SSL is required for these listeners */
 	int generate_certs;        /* 1 if generate-certificates option is set, else 0 */
 	int level;                 /* stats access level (ACCESS_LVL_*) */
 	int severity_output;       /* default severity output format in cli feedback messages */

diff --git a/src/cfgparse-ssl.c b/src/cfgparse-ssl.c
index 6530775..33d0bdb 100644
--- a/src/cfgparse-ssl.c
+++ b/src/cfgparse-ssl.c

@@ -1118,7 +1118,7 @@
 	/* Do not change the xprt for QUIC. */
 	if (conf->xprt != xprt_get(XPRT_QUIC))
 		conf->xprt = &ssl_sock;
-	conf->is_ssl = 1;
+	conf->options |= BC_O_USE_SSL;
 
 	if (global_ssl.listen_default_ciphers && !conf->ssl_conf.ciphers)
 		conf->ssl_conf.ciphers = strdup(global_ssl.listen_default_ciphers);

diff --git a/src/cfgparse.c b/src/cfgparse.c
index 1e0f5ed..9def9b9 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c

@@ -3960,14 +3960,14 @@
 
 			/* smart accept mode is automatic in HTTP mode */
 			if ((curproxy->options2 & PR_O2_SMARTACC) ||
-			    ((curproxy->mode == PR_MODE_HTTP || listener->bind_conf->is_ssl) &&
+			    ((curproxy->mode == PR_MODE_HTTP || (listener->bind_conf->options & BC_O_USE_SSL)) &&
 			     !(curproxy->no_options2 & PR_O2_SMARTACC)))
 				listener->options |= LI_O_NOQUICKACK;
 		}
 
 		/* Release unused SSL configs */
 		list_for_each_entry(bind_conf, &curproxy->conf.bind, by_fe) {
-			if (!bind_conf->is_ssl && bind_conf->xprt->destroy_bind_conf)
+			if (!(bind_conf->options & BC_O_USE_SSL) && bind_conf->xprt->destroy_bind_conf)
 				bind_conf->xprt->destroy_bind_conf(bind_conf);
 		}
 

diff --git a/src/connection.c b/src/connection.c
index e92089e..2ead714 100644
--- a/src/connection.c
+++ b/src/connection.c

@@ -366,7 +366,7 @@
 			struct session *sess = conn->owner;
 			struct listener *li = sess->listener;
 
-			if (li->bind_conf && li->bind_conf->is_ssl) {
+			if (li->bind_conf && li->bind_conf->options & BC_O_USE_SSL) {
 				ctx_alpn_str = li->bind_conf->ssl_conf.alpn_str;
 				ctx_alpn_len = li->bind_conf->ssl_conf.alpn_len;
 			}

diff --git a/src/listener.c b/src/listener.c
index 3b7b8cf..6c71c1b 100644
--- a/src/listener.c
+++ b/src/listener.c

@@ -152,7 +152,7 @@
 		if (!(li->options & LI_O_UNLIMITED)) {
 			HA_ATOMIC_UPDATE_MAX(&global.sps_max,
 			                     update_freq_ctr(&global.sess_per_sec, 1));
-			if (li->bind_conf && li->bind_conf->is_ssl) {
+			if (li->bind_conf && li->bind_conf->options & BC_O_USE_SSL) {
 				HA_ATOMIC_UPDATE_MAX(&global.ssl_max,
 				                     update_freq_ctr(&global.ssl_per_sec, 1));
 			}
@@ -843,7 +843,8 @@
 			max_accept = max;
 	}
 #ifdef USE_OPENSSL
-	if (!(l->options & LI_O_UNLIMITED) && global.ssl_lim && l->bind_conf && l->bind_conf->is_ssl) {
+	if (!(l->options & LI_O_UNLIMITED) && global.ssl_lim &&
+	    l->bind_conf && l->bind_conf->options & BC_O_USE_SSL) {
 		int max = freq_ctr_remain(&global.ssl_per_sec, global.ssl_lim, 0);
 
 		if (unlikely(!max)) {
@@ -1126,7 +1127,8 @@
 			HA_ATOMIC_UPDATE_MAX(&global.sps_max, count);
 		}
 #ifdef USE_OPENSSL
-		if (!(l->options & LI_O_UNLIMITED) && l->bind_conf && l->bind_conf->is_ssl) {
+		if (!(l->options & LI_O_UNLIMITED) &&
+		    l->bind_conf && l->bind_conf->options & BC_O_USE_SSL) {
 			count = update_freq_ctr(&global.ssl_per_sec, 1);
 			HA_ATOMIC_UPDATE_MAX(&global.ssl_max, count);
 		}

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index a27949d..507bc0c 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c

@@ -5445,7 +5445,7 @@
 	int alloc_ctx;
 	int err;
 
-	if (!bind_conf->is_ssl) {
+	if (!(bind_conf->options & BC_O_USE_SSL)) {
 		if (bind_conf->default_ctx) {
 			ha_warning("Proxy '%s': A certificate was specified but SSL was not enabled on bind '%s' at [%s:%d] (use 'ssl').\n",
 				   px->id, bind_conf->arg, bind_conf->file, bind_conf->line);
commit	11ba404c6b309a4f044be25e739e1d42c952947d	[log] [tgz]
author	Willy Tarreau <w@1wt.eu>	Fri May 20 15:56:32 2022 +0200
committer	Willy Tarreau <w@1wt.eu>	Fri May 20 18:39:43 2022 +0200
tree	897edfa9586a377fb272c2605a8e03e23d5e0111
parent	c694471b2149e97e4f49c1742ffb17cbdb330ac4 [diff]