Hello,
This patchset is an attempt to add a new command for configure ssl on
server at runtime:
- the first patch adds the possibility to observe the change on a `show
servers state`.
- the two next ones are only here to prepare the last one to add the
command. I added them separatly to facilitate the review.
`ssl_sock_prepare_srv_ctx` protection is not mandatory but I found it
safer while writing my patch.
- the last one is adding the new command. I'm not 100% sure of the
consequences of`prepare_srv` and `destroy_srv` but from what I read
and tested, it seems ok.
---
changed in v2:
- patch1/4: reorder parameters to match format string
- patch3/4: reorder includes, error introduced while splitting my patch.
changed in v3:
- reorg to allow build without USE_OPENSSL
---
William Dauchy (4):
MINOR: cli/proxy: add `srv_use_ssl` to `show servers state`
MINOR: ssl: protect ssl_sock_prepare_srv_ctx from double ctx
allocation
MINOR: ssl: create common ssl_ctx init
MINOR: cli/ssl: configure ssl on server at runtime
doc/management.txt | 4 ++++
include/haproxy/server-t.h | 3 ++-
include/haproxy/ssl_sock.h | 2 ++
src/cfgparse-ssl.c | 46 ++++++++++++++++----------------------
src/proxy.c | 5 +++--
src/server.c | 16 ++++++++++++-
src/ssl_sock.c | 39 +++++++++++++++++++++++++++++---
7 files changed, 81 insertions(+), 34 deletions(-)
--
2.28.0
