This patch introduces the new function Conf_SSLInUse() to check when the
current server configuration requires the SSL subsystem to be initialized
and accounts incoming as well as outgoing connections -- so this fixes
commit
bb20aeb9 ("Initialize SSL when needed only, and disable SSL on
errors") which only handled the inbound case ...
Tested-by: Brett Smith <brett@w3.org>
array_free(&Conf_SSLOptions.ListenPorts);
}
array_free(&Conf_SSLOptions.ListenPorts);
}
+/**
+ * Check if the current configuration uses/requires SSL.
+ *
+ * @returns true if SSL is used and should be initialized.
+ */
+GLOBAL bool
+Conf_SSLInUse(void)
+{
+ int i;
+
+ /* SSL listen ports configured? */
+ if (array_bytes(&Conf_SSLOptions.ListenPorts))
+ return true;
+
+ for (i = 0; i < MAX_SERVERS; i++) {
+ if (Conf_Server[i].port > 0
+ && Conf_Server[i].SSLConnect)
+ return true;
+ }
+ return false;
+}
+
/**
* Make sure that a configured file is readable.
*
/**
* Make sure that a configured file is readable.
*
GLOBAL bool Conf_NickIsService PARAMS((int ConfServer, const char *Nick));
GLOBAL bool Conf_NickIsBlocked PARAMS((const char *Nick));
GLOBAL bool Conf_NickIsService PARAMS((int ConfServer, const char *Nick));
GLOBAL bool Conf_NickIsBlocked PARAMS((const char *Nick));
+#ifdef SSL_SUPPORT
+GLOBAL bool Conf_SSLInUse PARAMS((void));
+#endif
+
/* Password required by WEBIRC command */
GLOBAL char Conf_WebircPwd[CLIENT_PASS_LEN];
/* Password required by WEBIRC command */
GLOBAL char Conf_WebircPwd[CLIENT_PASS_LEN];
bool
ConnSSL_InitLibrary( void )
{
bool
ConnSSL_InitLibrary( void )
{
- if (!array_bytes(&Conf_SSLOptions.ListenPorts))
+ if (!Conf_SSLInUse()) {
+ LogDebug("SSL not in use, skipping initialization.");
#ifdef HAVE_LIBSSL
SSL_CTX *newctx;
#ifdef HAVE_LIBSSL
SSL_CTX *newctx;