RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-04-27 05:18:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

MINOR: global: always export some SSL-specific metrics

Browse Source 
We'll need to know the number of SSL connections, their use and their
cost soon. In order to avoid getting tons of ifdefs everywhere, always
export SSL information in the global section. We add two flags to know
whether or not SSL is used in a frontend and in a backend.
This commit is contained in:
Willy Tarreau 2015-01-15 21:32:40 +01:00
parent 3ca1a883f9
commit fce03113fa
2 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
include/types/global.h
View File

@ -83,8 +83,10 @@ struct global {
int external_check;
int nbproc;
int maxconn, hardmaxconn;
#ifdef USE_OPENSSL
int maxsslconn;
int ssl_used_frontend; /* non-zero if SSL is used in a frontend */
int ssl_used_backend; /* non-zero if SSL is used in a backend */
#ifdef USE_OPENSSL
char *listen_default_ciphers;
char *connect_default_ciphers;
int listen_default_ssloptions;
@ -138,8 +140,8 @@ struct global {
int pipesize; /* pipe size in bytes, system defaults if zero */
int max_http_hdr; /* max number of HTTP headers, use MAX_HTTP_HDR if zero */
int cookie_len; /* max length of cookie captures */
#ifdef USE_OPENSSL
int sslcachesize; /* SSL cache size in session, defaults to 20000 */
#ifdef USE_OPENSSL
int sslprivatecache; /* Force to use a private session cache even if nbproc > 1 */
unsigned int ssllifetime; /* SSL session lifetime in seconds */
unsigned int ssl_max_record; /* SSL max record size */

8
src/ssl_sock.c
View File

@ -1820,7 +1820,10 @@ int ssl_sock_prepare_srv_ctx(struct server *srv, struct proxy *curproxy)
cfgerr++;
}
/* Initiate SSL context for current server */
/* Automatic memory computations need to know we use SSL there */
global.ssl_used_backend = 1;
/* Initiate SSL context for current server */
srv->ssl_ctx.reused_sess = NULL;
if (srv->use_ssl)
srv->xprt = &ssl_sock;
@ -1962,6 +1965,9 @@ int ssl_sock_prepare_all_ctx(struct bind_conf *bind_conf, struct proxy *px)
if (!bind_conf || !bind_conf->is_ssl)
return 0;
/* Automatic memory computations need to know we use SSL there */
global.ssl_used_frontend = 1;
if (bind_conf->default_ctx)
err += ssl_sock_prepare_ctx(bind_conf, bind_conf->default_ctx, px);