From 17d4538044fc37b9b4cccdc21543b183d5b69a0b Mon Sep 17 00:00:00 2001
From: Willy Tarreau <w@1wt.eu>
Date: Thu, 22 Dec 2016 21:16:08 +0100
Subject: [PATCH] MINOR: ssl_sock: implement and use
 prepare_srv()/destroy_srv()

Now we can simply check the transport layer at run time and decide
whether or not to initialize or destroy these entries. This removes
other ifdefs and includes from cfgparse.c, haproxy.c and hlua.c.
---
 src/cfgparse.c | 14 +++++---------
 src/haproxy.c  |  9 +++++----
 src/hlua.c     |  4 ++--
 src/ssl_sock.c |  2 ++
 4 files changed, 14 insertions(+), 15 deletions(-)

diff --git a/src/cfgparse.c b/src/cfgparse.c
index 97adb9f2f..2f75c1660 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -84,11 +84,6 @@
 #include <proto/task.h>
 #include <proto/tcp_rules.h>
 
-#ifdef USE_OPENSSL
-#include <types/ssl_sock.h>
-#include <proto/ssl_sock.h>
-#include <proto/shctx.h>
-#endif /*USE_OPENSSL */
 
 /* This is the SSLv3 CLIENT HELLO packet used in conjunction with the
  * ssl-hello-chk option to ensure that the remote server speaks SSL.
@@ -8286,10 +8281,11 @@ out_uri_auth_compat:
 				newsrv->minconn = newsrv->maxconn;
 			}
 
-#ifdef USE_OPENSSL
-			if (newsrv->use_ssl || newsrv->check.use_ssl)
-				cfgerr += ssl_sock_prepare_srv_ctx(newsrv);
-#endif /* USE_OPENSSL */
+			/* this will also properly set the transport layer for prod and checks */
+			if (newsrv->use_ssl || newsrv->check.use_ssl) {
+				if (xprt_get(XPRT_SSL) && xprt_get(XPRT_SSL)->prepare_srv)
+					cfgerr += xprt_get(XPRT_SSL)->prepare_srv(newsrv);
+			}
 
 			/* set the check type on the server */
 			newsrv->check.type = curproxy->options2 & PR_O2_CHK_ANY;
diff --git a/src/haproxy.c b/src/haproxy.c
index adffda924..611371ca2 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -1446,10 +1446,11 @@ static void deinit(void)
 			free(s->agent.bo);
 			free(s->agent.send_string);
 			free((char*)s->conf.file);
-#ifdef USE_OPENSSL
-			if (s->use_ssl || s->check.use_ssl)
-				ssl_sock_free_srv_ctx(s);
-#endif
+
+			if (s->use_ssl || s->check.use_ssl) {
+				if (xprt_get(XPRT_SSL) && xprt_get(XPRT_SSL)->destroy_srv)
+					xprt_get(XPRT_SSL)->destroy_srv(s);
+			}
 			free(s);
 			s = s_next;
 		}/* end while(s) */
diff --git a/src/hlua.c b/src/hlua.c
index 0ed8ec99f..c343a7b39 100644
--- a/src/hlua.c
+++ b/src/hlua.c
@@ -48,7 +48,6 @@
 #include <proto/server.h>
 #include <proto/session.h>
 #include <proto/stream.h>
-#include <proto/ssl_sock.h>
 #include <proto/stream_interface.h>
 #include <proto/task.h>
 #include <proto/tcp_rules.h>
@@ -7697,7 +7696,8 @@ void hlua_init(void)
 	}
 
 	/* Initialize SSL server. */
-	ssl_sock_prepare_srv_ctx(&socket_ssl);
+	if (socket_ssl.xprt->prepare_srv)
+		socket_ssl.xprt->prepare_srv(&socket_ssl);
 #endif
 
 	RESET_SAFE_LJMP(gL.T);
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index f5d4920a9..b39f3264e 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -6660,6 +6660,8 @@ static struct xprt_ops ssl_sock = {
 	.init     = ssl_sock_init,
 	.prepare_bind_conf = ssl_sock_prepare_bind_conf,
 	.destroy_bind_conf = ssl_sock_destroy_bind_conf,
+	.prepare_srv = ssl_sock_prepare_srv_ctx,
+	.destroy_srv = ssl_sock_free_srv_ctx,
 	.name     = "SSL",
 };