MINOR: cfgparse: move parsing of "ca-base" and "crt-base" to ssl_sock

This removes 2 #ifdefs and makes the code much cleaner. The controls
are still there and the two parsers have been merged into a single
function ssl_parse_global_ca_crt_base().

It's worth noting that there's still a check to prevent a change when
the value was already specified. This test seems useless and possibly
counter-productive, it may have to be revisited later, but for now it
was implemented identically.

src/cfgparse.c

@@ -627,48 +627,6 @@ int cfg_parse_global(const char *file, int linenum, char **args, int kwm)
 		alertif_too_many_args(0, file, linenum, args, &err_code);
 		goto out;
 	}
-	else if (!strcmp(args[0], "ca-base")) {
-#ifdef USE_OPENSSL
-		if(alertif_too_many_args(1, file, linenum, args, &err_code))
-			goto out;
-		if (global.ca_base != NULL) {
-			Alert("parsing [%s:%d] : '%s' already specified. Continuing.\n", file, linenum, args[0]);
-			err_code |= ERR_ALERT;
-			goto out;
-		}
-		if (*(args[1]) == 0) {
-			Alert("parsing [%s:%d] : '%s' expects a directory path as an argument.\n", file, linenum, args[0]);
-			err_code |= ERR_ALERT | ERR_FATAL;
-			goto out;
-		}
-		global.ca_base = strdup(args[1]);
-#else
-		Alert("parsing [%s:%d] : '%s' is not implemented.\n", file, linenum, args[0]);
-		err_code |= ERR_ALERT | ERR_FATAL;
-		goto out;
-#endif
-	}
-	else if (!strcmp(args[0], "crt-base")) {
-#ifdef USE_OPENSSL
-		if (alertif_too_many_args(1, file, linenum, args, &err_code))
-			goto out;
-		if (global.crt_base != NULL) {
-			Alert("parsing [%s:%d] : '%s' already specified. Continuing.\n", file, linenum, args[0]);
-			err_code |= ERR_ALERT;
-			goto out;
-		}
-		if (*(args[1]) == 0) {
-			Alert("parsing [%s:%d] : '%s' expects a directory path as an argument.\n", file, linenum, args[0]);
-			err_code |= ERR_ALERT | ERR_FATAL;
-			goto out;
-		}
-		global.crt_base = strdup(args[1]);
-#else
-		Alert("parsing [%s:%d] : '%s' is not implemented.\n", file, linenum, args[0]);
-		err_code |= ERR_ALERT | ERR_FATAL;
-		goto out;
-#endif
-	}
 	else if (!strcmp(args[0], "daemon")) {
 		if (alertif_too_many_args(0, file, linenum, args, &err_code))
 			goto out;

src/ssl_sock.c

@@ -5983,6 +5983,33 @@ static int ssl_parse_default_server_options(char **args, int section_type, struc
 	return 0;
 }
 
+/* parse the "ca-base" / "crt-base" keywords in global section.
+ * Returns <0 on alert, >0 on warning, 0 on success.
+ */
+static int ssl_parse_global_ca_crt_base(char **args, int section_type, struct proxy *curpx,
+                                        struct proxy *defpx, const char *file, int line,
+                                        char **err)
+{
+	char **target;
+
+	target = (args[0][1] == 'a') ? &global.ca_base : &global.crt_base;
+
+	if (too_many_args(1, args, err, NULL))
+		return -1;
+
+	if (*target) {
+		memprintf(err, "'%s' already specified.", args[0]);
+		return -1;
+	}
+
+	if (*(args[1]) == 0) {
+		memprintf(err, "global statement '%s' expects a directory path as an argument.", args[0]);
+		return -1;
+	}
+	*target = strdup(args[1]);
+	return 0;
+}
+
 /* This function is used with TLS ticket keys management. It permits to browse
  * each reference. The variable <getnext> must contain the current node,
  * <end> point to the root node.
@@ -6380,6 +6407,8 @@ static struct srv_kw_list srv_kws = { "SSL", { }, {
 }};
 
 static struct cfg_kw_list cfg_kws = {ILH, {
+	{ CFG_GLOBAL, "ca-base",  ssl_parse_global_ca_crt_base },
+	{ CFG_GLOBAL, "crt-base", ssl_parse_global_ca_crt_base },
 	{ CFG_GLOBAL, "ssl-default-bind-options", ssl_parse_default_bind_options },
 	{ CFG_GLOBAL, "ssl-default-server-options", ssl_parse_default_server_options },
 	{ 0, NULL, NULL },