Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / aaacc7e8ad90acf1c82cfe32e8be81aeee3c2731^! / .
commitaaacc7e8ad90acf1c82cfe32e8be81aeee3c2731[log] [tgz]
authorWilliam Lallemand <wlallemand@haproxy.org>Thu Mar 24 17:48:40 2022 +0100
committerWilliam Lallemand <wlallemand@haproxy.org>Wed Mar 30 12:18:16 2022 +0200
tree95b47bd36bb2bf4a3a2f01e7752f36ad76b1e089
parent3b5a3a6c03da67a86a508f8a7866b64851ccec9b [diff]
MINOR: ssl: move the cert_exts and the CERT_TYPE enum

Move the cert_exts declaration and the CERT_TYPE enum in the .h in order
to reuse them in another file.

diff --git a/include/haproxy/ssl_ckch-t.h b/include/haproxy/ssl_ckch-t.h
index b5f14e5..f6c7f09 100644
--- a/include/haproxy/ssl_ckch-t.h
+++ b/include/haproxy/ssl_ckch-t.h

@@ -133,5 +133,25 @@
 	char path[0];
 };
 
+enum {
+	CERT_TYPE_PEM = 0,
+	CERT_TYPE_KEY,
+#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
+	CERT_TYPE_OCSP,
+#endif
+	CERT_TYPE_ISSUER,
+#ifdef HAVE_SSL_SCTL
+	CERT_TYPE_SCTL,
+#endif
+	CERT_TYPE_MAX,
+};
+
+struct cert_exts {
+	const char *ext;
+	int type;
+	int (*load)(const char *path, char *payload, struct cert_key_and_chain *ckch, char **err);
+	/* add a parsing callback */
+};
+
 #endif /* USE_OPENSSL */
 #endif /* _HAPROXY_SSL_CKCH_T_H */

diff --git a/include/haproxy/ssl_ckch.h b/include/haproxy/ssl_ckch.h
index 2eea807..3f2dc79 100644
--- a/include/haproxy/ssl_ckch.h
+++ b/include/haproxy/ssl_ckch.h

@@ -65,5 +65,7 @@
 int ssl_store_load_ca_from_buf(struct cafile_entry *ca_e, char *cert_buf);
 int ssl_store_load_locations_file(char *path, int create_if_none, enum cafile_type type);
 
+extern struct cert_exts cert_exts[];
+
 #endif /* USE_OPENSSL */
 #endif /* _HAPROXY_SSL_CRTLIST_H */

diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index d5444df..9128e33 100644
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c

@@ -1116,25 +1116,7 @@
 
 /* Type of SSL payloads that can be updated over the CLI */
 
-enum {
-	CERT_TYPE_PEM = 0,
-	CERT_TYPE_KEY,
-#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
-	CERT_TYPE_OCSP,
-#endif
-	CERT_TYPE_ISSUER,
-#ifdef HAVE_SSL_SCTL
-	CERT_TYPE_SCTL,
-#endif
-	CERT_TYPE_MAX,
-};
-
-struct {
-	const char *ext;
-	int type;
-	int (*load)(const char *path, char *payload, struct cert_key_and_chain *ckch, char **err);
-	/* add a parsing callback */
-} cert_exts[CERT_TYPE_MAX+1] = {
+struct cert_exts cert_exts[CERT_TYPE_MAX+1] = {
 	[CERT_TYPE_PEM]    = { "",        CERT_TYPE_PEM,      &ssl_sock_load_pem_into_ckch }, /* default mode, no extensions */
 	[CERT_TYPE_KEY]    = { "key",     CERT_TYPE_KEY,      &ssl_sock_load_key_into_ckch },
 #if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)