mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2025-08-05 22:56:57 +02:00
fb7b46d267
Due to the support of different TLS/SSL libraries and its different versions, sometimes we are forced to use different internal typedefs and callback functions. We strive to avoid this, but time to time "#ifdef... #endif" become inevitable. In particular, in ssl_sock_load_ocsp() we define a 'callback' variable, which will contain a function pointer to our OCSP stapling callback, assigned further via SSL_CTX_set_tlsext_status_cb() to the intenal SSL context struct in a linked crypto library. If this linked crypto library is OpenSSL 1.x.x/3.x.x, for setting and getting this callback we have the following API signatures (see doc/man3/SSL_CTX_set_tlsext_status_cb.pod): long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx, int (**callback)(SSL *, void *)); long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, int (*callback)(SSL *, void *)); If we are using WolfSSL, same APIs expect tlsextStatusCb function prototype, provided via the typedef below (see wolfssl/wolfssl/ssl.h): typedef int(*tlsextStatusCb)(WOLFSSL* ssl, void*); WOLFSSL_API int wolfSSL_CTX_get_tlsext_status_cb(WOLFSSL_CTX* ctx, tlsextStatusCb* cb); WOLFSSL_API int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx, tlsextStatusCb cb); It seems, that in OpenSSL < 1.0.0, there was no support for OCSP extention, so no need to set this callback. Let's avoid #ifndef... #endif for this 'callback' variable definition to keep things clear. #ifndef... #endif are usually less readable, than straightforward "#ifdef... #endif". |
||
|---|---|---|
| .github | ||
| addons | ||
| admin | ||
| dev | ||
| doc | ||
| examples | ||
| include | ||
| reg-tests | ||
| scripts | ||
| src | ||
| tests | ||
| .cirrus.yml | ||
| .gitattributes | ||
| .gitignore | ||
| .mailmap | ||
| .travis.yml | ||
| BRANCHES | ||
| BSDmakefile | ||
| CHANGELOG | ||
| CONTRIBUTING | ||
| INSTALL | ||
| LICENSE | ||
| MAINTAINERS | ||
| Makefile | ||
| README | ||
| SUBVERS | ||
| VERDATE | ||
| VERSION | ||
The HAProxy documentation has been split into a number of different files for ease of use. Please refer to the following files depending on what you're looking for : - INSTALL for instructions on how to build and install HAProxy - BRANCHES to understand the project's life cycle and what version to use - LICENSE for the project's license - CONTRIBUTING for the process to follow to submit contributions The more detailed documentation is located into the doc/ directory : - doc/intro.txt for a quick introduction on HAProxy - doc/configuration.txt for the configuration's reference manual - doc/lua.txt for the Lua's reference manual - doc/SPOE.txt for how to use the SPOE engine - doc/network-namespaces.txt for how to use network namespaces under Linux - doc/management.txt for the management guide - doc/regression-testing.txt for how to use the regression testing suite - doc/peers.txt for the peers protocol reference - doc/coding-style.txt for how to adopt HAProxy's coding style - doc/internals for developer-specific documentation (not all up to date)