MINOR: global: always export some SSL-specific metrics
We'll need to know the number of SSL connections, their use and their
cost soon. In order to avoid getting tons of ifdefs everywhere, always
export SSL information in the global section. We add two flags to know
whether or not SSL is used in a frontend and in a backend.
diff --git a/include/types/global.h b/include/types/global.h
index 22490b0..ab80c72 100644
--- a/include/types/global.h
+++ b/include/types/global.h
@@ -83,8 +83,10 @@
int external_check;
int nbproc;
int maxconn, hardmaxconn;
-#ifdef USE_OPENSSL
int maxsslconn;
+ int ssl_used_frontend; /* non-zero if SSL is used in a frontend */
+ int ssl_used_backend; /* non-zero if SSL is used in a backend */
+#ifdef USE_OPENSSL
char *listen_default_ciphers;
char *connect_default_ciphers;
int listen_default_ssloptions;
@@ -138,8 +140,8 @@
int pipesize; /* pipe size in bytes, system defaults if zero */
int max_http_hdr; /* max number of HTTP headers, use MAX_HTTP_HDR if zero */
int cookie_len; /* max length of cookie captures */
-#ifdef USE_OPENSSL
int sslcachesize; /* SSL cache size in session, defaults to 20000 */
+#ifdef USE_OPENSSL
int sslprivatecache; /* Force to use a private session cache even if nbproc > 1 */
unsigned int ssllifetime; /* SSL session lifetime in seconds */
unsigned int ssl_max_record; /* SSL max record size */
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 6edc149..3bf71cf 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -1820,7 +1820,10 @@
cfgerr++;
}
- /* Initiate SSL context for current server */
+ /* Automatic memory computations need to know we use SSL there */
+ global.ssl_used_backend = 1;
+
+ /* Initiate SSL context for current server */
srv->ssl_ctx.reused_sess = NULL;
if (srv->use_ssl)
srv->xprt = &ssl_sock;
@@ -1962,6 +1965,9 @@
if (!bind_conf || !bind_conf->is_ssl)
return 0;
+ /* Automatic memory computations need to know we use SSL there */
+ global.ssl_used_frontend = 1;
+
if (bind_conf->default_ctx)
err += ssl_sock_prepare_ctx(bind_conf, bind_conf->default_ctx, px);