CLEANUP: ssl: make inclusion of openssl headers safe
It's always a pain to have to stuff lots of #ifdef USE_OPENSSL around
ssl headers, it even results in some of them appearing in a random order
and multiple times just to benefit form an existing ifdef block. Let's
make these headers safe for inclusion when USE_OPENSSL is not defined,
they now perform the test themselves and do nothing if USE_OPENSSL is
not defined. This allows to remove no less than 8 such ifdef blocks
and make include blocks more readable.
diff --git a/include/common/openssl-compat.h b/include/common/openssl-compat.h
index 0ceca08..55d874d 100644
--- a/include/common/openssl-compat.h
+++ b/include/common/openssl-compat.h
@@ -1,5 +1,6 @@
#ifndef _COMMON_OPENSSL_COMPAT_H
#define _COMMON_OPENSSL_COMPAT_H
+#ifdef USE_OPENSSL
#include <openssl/bn.h>
#include <openssl/crypto.h>
@@ -233,4 +234,5 @@
#define TLS_TICKET_HASH_FUNCT EVP_sha256
#endif /* OPENSSL_NO_SHA256 */
+#endif /* USE_OPENSSL */
#endif /* _COMMON_OPENSSL_COMPAT_H */
diff --git a/include/proto/ssl_sock.h b/include/proto/ssl_sock.h
index f3d3ff8..23507ca 100644
--- a/include/proto/ssl_sock.h
+++ b/include/proto/ssl_sock.h
@@ -21,6 +21,8 @@
#ifndef _PROTO_SSL_SOCK_H
#define _PROTO_SSL_SOCK_H
+#ifdef USE_OPENSSL
+
#include <common/openssl-compat.h>
#include <types/connection.h>
@@ -28,6 +30,8 @@
#include <types/proxy.h>
#include <types/stream_interface.h>
+#include <proto/connection.h>
+
extern int sslconns;
extern int totalsslconns;
@@ -99,6 +103,7 @@
#define sh_ssl_sess_tree_lookup(k) (struct sh_ssl_sess_hdr *)ebmb_lookup(sh_ssl_sess_tree, \
(k), SSL_MAX_SSL_SESSION_ID_LENGTH);
+#endif /* USE_OPENSSL */
#endif /* _PROTO_SSL_SOCK_H */
/*
diff --git a/include/types/server.h b/include/types/server.h
index 2951cf6..0d53d26 100644
--- a/include/types/server.h
+++ b/include/types/server.h
@@ -25,14 +25,10 @@
#include <netinet/in.h>
#include <arpa/inet.h>
-#ifdef USE_OPENSSL
-#include <common/openssl-compat.h>
-#include <types/ssl_sock.h>
-#endif
-
#include <common/config.h>
#include <common/mini-clist.h>
#include <common/hathreads.h>
+#include <common/openssl-compat.h>
#include <eb32tree.h>
@@ -43,6 +39,7 @@
#include <types/obj_type.h>
#include <types/proxy.h>
#include <types/queue.h>
+#include <types/ssl_sock.h>
#include <types/task.h>
#include <types/checks.h>
diff --git a/include/types/ssl_sock.h b/include/types/ssl_sock.h
index 45f89c9..0c86357 100644
--- a/include/types/ssl_sock.h
+++ b/include/types/ssl_sock.h
@@ -21,6 +21,7 @@
#ifndef _TYPES_SSL_SOCK_H
#define _TYPES_SSL_SOCK_H
+#ifdef USE_OPENSSL
#include <ebmbtree.h>
@@ -84,4 +85,5 @@
unsigned char key_data[SSL_MAX_SSL_SESSION_ID_LENGTH];
};
+#endif /* USE_OPENSSL */
#endif /* _TYPES_SSL_SOCK_H */
diff --git a/src/backend.c b/src/backend.c
index b7894f8..467ef57 100644
--- a/src/backend.c
+++ b/src/backend.c
@@ -57,11 +57,8 @@
#include <proto/session.h>
#include <proto/stream.h>
#include <proto/stream_interface.h>
-#include <proto/task.h>
-
-#ifdef USE_OPENSSL
#include <proto/ssl_sock.h>
-#endif /* USE_OPENSSL */
+#include <proto/task.h>
int be_lastsession(const struct proxy *be)
{
diff --git a/src/checks.c b/src/checks.c
index 63d9e03..d264aec 100644
--- a/src/checks.c
+++ b/src/checks.c
@@ -60,10 +60,7 @@
#include <proto/log.h>
#include <proto/dns.h>
#include <proto/proto_udp.h>
-
-#ifdef USE_OPENSSL
#include <proto/ssl_sock.h>
-#endif /* USE_OPENSSL */
static int httpchk_expect(struct server *s, int done);
static int tcpcheck_get_step_id(struct check *);
diff --git a/src/cli.c b/src/cli.c
index fe50d9d..3aa5f23 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -66,12 +66,10 @@
#include <proto/session.h>
#include <proto/stream.h>
#include <proto/server.h>
+#include <proto/ssl_sock.h>
#include <proto/stream_interface.h>
#include <proto/task.h>
#include <proto/proto_udp.h>
-#ifdef USE_OPENSSL
-#include <proto/ssl_sock.h>
-#endif
#define PAYLOAD_PATTERN "<<"
diff --git a/src/connection.c b/src/connection.c
index 2a66996..adedb41 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -25,10 +25,7 @@
#include <proto/proto_tcp.h>
#include <proto/stream_interface.h>
#include <proto/sample.h>
-
-#ifdef USE_OPENSSL
#include <proto/ssl_sock.h>
-#endif
DECLARE_POOL(pool_head_connection, "connection", sizeof(struct connection));
DECLARE_POOL(pool_head_connstream, "conn_stream", sizeof(struct conn_stream));
diff --git a/src/haproxy.c b/src/haproxy.c
index e085ce2..a47b7dd 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -83,6 +83,7 @@
#include <common/memory.h>
#include <common/mini-clist.h>
#include <common/namespace.h>
+#include <common/openssl-compat.h>
#include <common/regex.h>
#include <common/standard.h>
#include <common/time.h>
@@ -125,10 +126,7 @@
#include <proto/task.h>
#include <proto/dns.h>
#include <proto/vars.h>
-#ifdef USE_OPENSSL
-#include <common/openssl-compat.h>
#include <proto/ssl_sock.h>
-#endif
/* array of init calls for older platforms */
DECLARE_INIT_STAGES;
diff --git a/src/log.c b/src/log.c
index a075b85..7e14d89 100644
--- a/src/log.c
+++ b/src/log.c
@@ -39,11 +39,9 @@
#include <proto/frontend.h>
#include <proto/log.h>
#include <proto/sample.h>
+#include <proto/ssl_sock.h>
#include <proto/stream.h>
#include <proto/stream_interface.h>
-#ifdef USE_OPENSSL
-#include <proto/ssl_sock.h>
-#endif
struct log_fmt {
char *name;
diff --git a/src/stats.c b/src/stats.c
index 6965ad2..dc57e85 100644
--- a/src/stats.c
+++ b/src/stats.c
@@ -66,17 +66,13 @@
#include <proto/proxy.h>
#include <proto/sample.h>
#include <proto/session.h>
+#include <proto/ssl_sock.h>
#include <proto/stream.h>
#include <proto/server.h>
#include <proto/raw_sock.h>
#include <proto/stream_interface.h>
#include <proto/task.h>
-#ifdef USE_OPENSSL
-#include <proto/ssl_sock.h>
-#include <types/ssl_sock.h>
-#endif
-
/* status codes available for the stats admin page (strictly 4 chars length) */
const char *stat_status_codes[STAT_STATUS_SIZE] = {