CLEANUP: ssl/server: move ssl_sock_set_srv() to srv_set_ssl() in server.c
This one has nothing to do with ssl_sock as it manipulates the struct
server only. Let's move it to server.c and remove unneeded dependencies
on ssl_sock.h. This further reduces by 10% the number of includes of
opensslconf.h and by 0.5% the number of compiled lines.
diff --git a/include/haproxy/server.h b/include/haproxy/server.h
index 99d26ba..b7195cb 100644
--- a/include/haproxy/server.h
+++ b/include/haproxy/server.h
@@ -62,6 +62,7 @@
void srv_take(struct server *srv);
struct server *srv_drop(struct server *srv);
int srv_init_per_thr(struct server *srv);
+void srv_set_ssl(struct server *s, int use_ssl);
/* functions related to server name resolution */
int srv_prepare_for_resolution(struct server *srv, const char *hostname);
diff --git a/include/haproxy/ssl_sock.h b/include/haproxy/ssl_sock.h
index f3afe61..2fdf8e2 100644
--- a/include/haproxy/ssl_sock.h
+++ b/include/haproxy/ssl_sock.h
@@ -73,7 +73,6 @@
int ssl_sock_parse_alpn(char *arg, char **alpn_str, int *alpn_len, char **err);
void ssl_sock_set_alpn(struct connection *conn, const unsigned char *, int);
void ssl_sock_set_servername(struct connection *conn, const char *hostname);
-void ssl_sock_set_srv(struct server *s, signed char use_ssl);
int ssl_sock_get_cert_used_sess(struct connection *conn);
int ssl_sock_get_cert_used_conn(struct connection *conn);
diff --git a/src/server.c b/src/server.c
index 5d6e4b1..73454bc 100644
--- a/src/server.c
+++ b/src/server.c
@@ -36,7 +36,6 @@
#include <haproxy/resolvers.h>
#include <haproxy/sample.h>
#include <haproxy/server.h>
-#include <haproxy/ssl_sock.h>
#include <haproxy/stats.h>
#include <haproxy/stream.h>
#include <haproxy/stream_interface.h>
@@ -1977,7 +1976,25 @@
}
}
}
-#endif
+
+/* Activate ssl on server <s>.
+ * do nothing if there is no change to apply
+ *
+ * Must be called with the server lock held.
+ */
+void srv_set_ssl(struct server *s, int use_ssl)
+{
+ if (s->use_ssl == use_ssl)
+ return;
+
+ s->use_ssl = use_ssl;
+ if (s->use_ssl)
+ s->xprt = xprt_get(XPRT_SSL);
+ else
+ s->xprt = s->check.xprt = s->agent.xprt = xprt_get(XPRT_RAW);
+}
+
+#endif /* USE_OPENSSL */
/*
* Prepare <srv> for hostname resolution.
@@ -4144,9 +4161,9 @@
HA_SPIN_LOCK(SERVER_LOCK, &sv->lock);
if (strcmp(args[4], "on") == 0) {
- ssl_sock_set_srv(sv, 1);
+ srv_set_ssl(sv, 1);
} else if (strcmp(args[4], "off") == 0) {
- ssl_sock_set_srv(sv, 0);
+ srv_set_ssl(sv, 0);
} else {
HA_SPIN_UNLOCK(SERVER_LOCK, &sv->lock);
cli_err(appctx, "'set server <srv> ssl' expects 'on' or 'off'.\n");
diff --git a/src/server_state.c b/src/server_state.c
index b9ae9ed..a831d57 100644
--- a/src/server_state.c
+++ b/src/server_state.c
@@ -26,7 +26,6 @@
#include <haproxy/proxy.h>
#include <haproxy/resolvers.h>
#include <haproxy/server.h>
-#include <haproxy/ssl_sock.h>
#include <haproxy/tools.h>
#include <haproxy/xxhash.h>
@@ -447,7 +446,7 @@
/* configure ssl if connection has been initiated at startup */
if (srv->ssl_ctx.ctx != NULL)
- ssl_sock_set_srv(srv, use_ssl);
+ srv_set_ssl(srv, use_ssl);
#endif
}
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 8f7000d..ae28bca 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -7696,22 +7696,6 @@
BIO_meth_free(ha_meth);
}
-/* Activate ssl on server <s>.
- * do nothing if there is no change to apply
- *
- * Must be called with the server lock held.
- */
-void ssl_sock_set_srv(struct server *s, signed char use_ssl)
-{
- if (s->use_ssl == use_ssl)
- return;
-
- s->use_ssl = use_ssl;
- if (s->use_ssl == 1)
- s->xprt = &ssl_sock;
- else
- s->xprt = s->check.xprt = s->agent.xprt = xprt_get(XPRT_RAW);
-}
/*
* Local variables: