diff options
Diffstat (limited to '')
| -rw-r--r-- | include/haproxy/listener-t.h | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/include/haproxy/listener-t.h b/include/haproxy/listener-t.h index 7f5e52a..b9a8447 100644 --- a/include/haproxy/listener-t.h +++ b/include/haproxy/listener-t.h @@ -28,6 +28,7 @@ #include <import/ebtree-t.h> #include <haproxy/api-t.h> +#include <haproxy/guid-t.h> #include <haproxy/obj_type-t.h> #include <haproxy/quic_cc-t.h> #include <haproxy/quic_sock-t.h> @@ -138,7 +139,6 @@ struct ssl_bind_conf { unsigned int verify:3; /* verify method (set of SSL_VERIFY_* flags) */ unsigned int no_ca_names:1;/* do not send ca names to clients (ca_file related) */ unsigned int early_data:1; /* early data allowed */ - unsigned int ocsp_update:2;/* enable OCSP auto update */ char *ca_file; /* CAfile to use on verify and ca-names */ char *ca_verify_file; /* CAverify file to use on verify only */ char *crl_file; /* CRLfile to use on verify */ @@ -169,9 +169,6 @@ struct bind_conf { unsigned long long ca_ignerr_bitfield[IGNERR_BF_SIZE]; /* ignored verify errors in handshake if depth > 0 */ unsigned long long crt_ignerr_bitfield[IGNERR_BF_SIZE]; /* ignored verify errors in handshake if depth == 0 */ void *initial_ctx; /* SSL context for initial negotiation */ - void *default_ctx; /* SSL context of first/default certificate */ - struct ckch_inst *default_inst; - struct ssl_bind_conf *default_ssl_conf; /* custom SSL conf of default_ctx */ int strict_sni; /* refuse negotiation if sni doesn't match a certificate */ int ssl_options; /* ssl options */ struct eb_root sni_ctx; /* sni_ctx tree of all known certs full-names sorted by name */ @@ -210,6 +207,8 @@ struct bind_conf { char *arg; /* argument passed to "bind" for better error reporting */ char *file; /* file where the section appears */ int line; /* line where the section appears */ + char *guid_prefix; /* prefix for listeners GUID */ + size_t guid_idx; /* next index for listeners GUID generation */ char *rhttp_srvname; /* name of server when using "rhttp@" address */ int rhttp_nbconn; /* count of connections to initiate in parallel */ __decl_thread(HA_RWLOCK_T sni_lock); /* lock the SNI trees during add/del operations */ @@ -255,6 +254,8 @@ struct listener { struct eb32_node id; /* place in the tree of used IDs */ } conf; /* config information */ + struct guid_node guid; /* GUID global tree node */ + struct li_per_thread *per_thr; /* per-thread fields (one per thread in the group) */ EXTRA_COUNTERS(extra_counters); |