REORG: ssl: move structures to ssl_sock.h
diff --git a/include/types/ssl_sock.h b/include/types/ssl_sock.h
index 0c86357..e0b1a80 100644
--- a/include/types/ssl_sock.h
+++ b/include/types/ssl_sock.h
@@ -85,5 +85,50 @@
unsigned char key_data[SSL_MAX_SSL_SESSION_ID_LENGTH];
};
+/* This is used to preload the certifcate, private key
+ * and Cert Chain of a file passed in via the crt
+ * argument
+ *
+ * This way, we do not have to read the file multiple times
+ */
+struct cert_key_and_chain {
+ X509 *cert;
+ EVP_PKEY *key;
+ STACK_OF(X509) *chain;
+ DH *dh;
+};
+
+/*
+ * this is used to store 1 to SSL_SOCK_NUM_KEYTYPES cert_key_and_chain and
+ * metadata.
+ */
+struct ckch_store {
+ struct cert_key_and_chain *ckch;
+ int multi; /* is it a multi-cert bundle ? */
+ struct ebmb_node node;
+ char path[0];
+};
+
+
+#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
+
+#define SSL_SOCK_POSSIBLE_KT_COMBOS (1<<(SSL_SOCK_NUM_KEYTYPES))
+
+struct key_combo_ctx {
+ SSL_CTX *ctx;
+ int order;
+};
+
+/* Map used for processing multiple keypairs for a single purpose
+ *
+ * This maps CN/SNI name to certificate type
+ */
+struct sni_keytype {
+ int keytypes; /* BITMASK for keytypes */
+ struct ebmb_node name; /* node holding the servername value */
+};
+
+#endif
+
#endif /* USE_OPENSSL */
#endif /* _TYPES_SSL_SOCK_H */
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 12f367d..9f6d2b6 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -2797,58 +2797,11 @@
return order;
}
-
-/* The following code is used for loading multiple crt files into
- * SSL_CTX's based on CN/SAN
- */
-/* This is used to preload the certifcate, private key
- * and Cert Chain of a file passed in via the crt
- * argument
- *
- * This way, we do not have to read the file multiple times
- */
-struct cert_key_and_chain {
- X509 *cert;
- EVP_PKEY *key;
- STACK_OF(X509) *chain;
- DH *dh;
-};
-
-/*
- * this is used to store 1 to SSL_SOCK_NUM_KEYTYPES cert_key_and_chain and
- * metadata.
- */
-struct ckch_store {
- struct cert_key_and_chain *ckch;
- int multi; /* is it a multi-cert bundle ? */
- struct ebmb_node node;
- char path[0];
-};
-
/*
* tree used to store the ckchs ordered by filename/bundle name
*/
struct eb_root ckchs_tree = EB_ROOT_UNIQUE;
-#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
-
-#define SSL_SOCK_POSSIBLE_KT_COMBOS (1<<(SSL_SOCK_NUM_KEYTYPES))
-
-struct key_combo_ctx {
- SSL_CTX *ctx;
- int order;
-};
-
-/* Map used for processing multiple keypairs for a single purpose
- *
- * This maps CN/SNI name to certificate type
- */
-struct sni_keytype {
- int keytypes; /* BITMASK for keytypes */
- struct ebmb_node name; /* node holding the servername value */
-};
-
-#endif
/* Loads Diffie-Hellman parameter from a ckchs. Returns 1 if loaded, else -1
if an error occurred, and 0 if parameter not found. */