MEDIUM: config: replace ssl_conf by bind_conf
Some settings need to be merged per-bind config line and are not necessarily
SSL-specific. It becomes quite inconvenient to have this ssl_conf SSL-specific,
so let's replace it with something more generic.
diff --git a/include/proto/listener.h b/include/proto/listener.h
index 415b913..4019ff1 100644
--- a/include/proto/listener.h
+++ b/include/proto/listener.h
@@ -105,21 +105,21 @@
*/
int listener_accept(int fd);
-/* allocate an ssl_conf struct for a bind line, and chain it to list head <lh>.
+/* allocate an bind_conf struct for a bind line, and chain it to list head <lh>.
* If <arg> is not NULL, it is duplicated into ->arg to store useful config
* information for error reporting.
*/
-static inline struct ssl_conf *ssl_conf_alloc(struct list *lh, const char *file, int line, const char *arg)
+static inline struct bind_conf *bind_conf_alloc(struct list *lh, const char *file, int line, const char *arg)
{
- struct ssl_conf *ssl_conf = (void *)calloc(1, sizeof(struct ssl_conf));
+ struct bind_conf *bind_conf = (void *)calloc(1, sizeof(struct bind_conf));
- ssl_conf->file = strdup(file);
- ssl_conf->line = line;
+ bind_conf->file = strdup(file);
+ bind_conf->line = line;
if (lh)
- LIST_ADDQ(lh, &ssl_conf->by_fe);
+ LIST_ADDQ(lh, &bind_conf->by_fe);
if (arg)
- ssl_conf->arg = strdup(arg);
- return ssl_conf;
+ bind_conf->arg = strdup(arg);
+ return bind_conf;
}
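Review bot: In `bind_conf_alloc()` the `calloc()` result is dereferenced on the very next line with no NULL check, and neither `strdup()` result is checked. An allocation failure while parsing a "bind" line therefore becomes a NULL dereference, or leaves a half-filled entry with a missing `file` or `arg`. The entry is also queued on `<lh>` before it is fully built; linking it last means a failure path never leaves a partial entry on the frontend's list. The callers are outside this diff and would have to handle a NULL return, so confirm them before applying the sketch below. Separately, the comment should read "allocate a bind_conf struct".
```c
static inline struct bind_conf *bind_conf_alloc(struct list *lh, const char *file, int line, const char *arg)
{
	struct bind_conf *bind_conf = calloc(1, sizeof(*bind_conf));

	if (!bind_conf)
		return NULL;

	bind_conf->line = line;
	bind_conf->file = strdup(file);
	if (!bind_conf->file)
		goto fail;

	if (arg) {
		bind_conf->arg = strdup(arg);
		if (!bind_conf->arg)
			goto fail;
	}

	/* link only once fully built, so an error never leaves a partial entry on the list */
	if (lh)
		LIST_ADDQ(lh, &bind_conf->by_fe);
	return bind_conf;

 fail:
	free(bind_conf->arg);
	free(bind_conf->file);
	free(bind_conf);
	return NULL;
}
```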
#endif /* _PROTO_LISTENER_H */
diff --git a/include/proto/ssl_sock.h b/include/proto/ssl_sock.h
index 6192fe8..4bff954 100644
--- a/include/proto/ssl_sock.h
+++ b/include/proto/ssl_sock.h
@@ -30,11 +30,11 @@
extern struct data_ops ssl_sock;
int ssl_sock_handshake(struct connection *conn, unsigned int flag);
-int ssl_sock_load_cert(char *path, struct ssl_conf *ssl_conf, struct proxy *proxy);
-int ssl_sock_prepare_ctx(struct ssl_conf *ssl_conf, SSL_CTX *ctx, struct proxy *proxy);
-void ssl_sock_free_certs(struct ssl_conf *ssl_conf);
-int ssl_sock_prepare_all_ctx(struct ssl_conf *ssl_conf, struct proxy *px);
-void ssl_sock_free_all_ctx(struct ssl_conf *ssl_conf);
+int ssl_sock_load_cert(char *path, struct bind_conf *bind_conf, struct proxy *proxy);
+int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, SSL_CTX *ctx, struct proxy *proxy);
+void ssl_sock_free_certs(struct bind_conf *bind_conf);
+int ssl_sock_prepare_all_ctx(struct bind_conf *bind_conf, struct proxy *px);
+void ssl_sock_free_all_ctx(struct bind_conf *bind_conf);
#endif /* _PROTO_SSL_SOCK_H */
diff --git a/include/types/listener.h b/include/types/listener.h
index 78195ec..0985329 100644
--- a/include/types/listener.h
+++ b/include/types/listener.h
@@ -93,8 +93,8 @@
* maxconn setting to the global.maxsock value so that its resources are reserved.
*/
-/* "bind" line SSL settings */
-struct ssl_conf {
+/* "bind" line settings */
+struct bind_conf {
#ifdef USE_OPENSSL
char *ciphers; /* cipher suite to use if non-null */
int nosslv3; /* disable SSLv3 */
@@ -104,7 +104,7 @@
struct eb_root sni_ctx; /* sni_ctx tree of all known certs full-names sorted by name */
struct eb_root sni_w_ctx; /* sni_ctx tree of all known certs wildcards sorted by name */
#endif
- int ref_cnt; /* number of users of this config, maybe 0 on error */
+ int is_ssl; /* SSL is required for these listeners */
struct list by_fe; /* next binding for the same frontend, or NULL */
char *arg; /* argument passed to "bind" for better error reporting */
char *file; /* file where the section appears */
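Review bot: Once `ref_cnt` gives way to `is_ssl` here, and the listener field in the next hunk changes from "SSL settings, otherwise NULL" to a generic `bind_conf`, a non-NULL pointer no longer implies that SSL is enabled. Any remaining test that used the pointer itself to select the SSL path would need to become something like `if (l->bind_conf && l->bind_conf->is_ssl)`; those call sites are not in the visible hunks, so this needs confirming against the rest of the patch. `is_ssl` is also declared outside the `#ifdef USE_OPENSSL` block, so it exists in builds without OpenSSL, where a listener flagged this way should be rejected at parse time rather than fall back to cleartext. I would document that on the field, for example `int is_ssl; /* non-zero: listeners on this bind line must use SSL, never cleartext; set by the config parser */`. The new comment on `struct bind_conf *bind_conf` in the following hunk should likewise say whether the pointer may still be NULL.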
@@ -147,7 +147,7 @@
char *interface; /* interface name or NULL */
int maxseg; /* for TCP, advertised MSS */
- struct ssl_conf *ssl_conf; /* SSL settings, otherwise NULL */
+ struct bind_conf *bind_conf; /* "bind" line settings, include SSL settings among other things */
/* warning: this struct is huge, keep it at the bottom */
struct sockaddr_storage addr; /* the address we listen to */
diff --git a/include/types/proxy.h b/include/types/proxy.h
index a2355d5..dde002a 100644
--- a/include/types/proxy.h
+++ b/include/types/proxy.h
@@ -360,7 +360,7 @@
struct eb32_node id; /* place in the tree of used IDs */
struct eb_root used_listener_id;/* list of listener IDs in use */
struct eb_root used_server_id; /* list of server IDs in use */
- struct list ssl_bind; /* list of SSL bind settings */
+ struct list bind; /* list of bind settings */
} conf; /* config information */
void *parent; /* parent of the proxy when applicable */
};