REORG: ssl: move ssl configuration to cfgparse-ssl.c

Move all the configuration parsing of the ssl keywords in cfgparse-ssl.c

Makefile

@@ -542,7 +542,7 @@ OPTIONS_LDFLAGS += $(if $(SSL_LIB),-L$(SSL_LIB)) -lssl -lcrypto
 ifneq ($(USE_DL),)
 OPTIONS_LDFLAGS += -ldl
 endif
-OPTIONS_OBJS  += src/ssl_sock.o src/ssl_crtlist.o src/ssl_ckch.o
+OPTIONS_OBJS  += src/ssl_sock.o src/ssl_crtlist.o src/ssl_ckch.o src/cfgparse-ssl.o
 endif
 
 # The private cache option affect the way the shctx is built

include/proto/ssl_sock.h

@@ -41,6 +41,10 @@ extern struct global_ssl global_ssl;
 extern struct ssl_bind_kw ssl_bind_kws[];
 extern struct methodVersions methodVersions[];
 __decl_hathreads(extern HA_SPINLOCK_T ckch_lock);
+extern struct pool_head *pool_head_ssl_capture;
+extern unsigned int openssl_engines_initialized;
+extern int nb_engines;
+extern struct xprt_ops ssl_sock;
 
 /* boolean, returns true if connection is over SSL */
 static inline
@@ -104,7 +108,12 @@ struct issuer_chain* ssl_get0_issuer_chain(X509 *cert);
 int ssl_sock_get_dn_oneline(X509_NAME *a, struct buffer *out);
 int ssl_sock_get_serial(X509 *crt, struct buffer *out);
 int cert_get_pkey_algo(X509 *crt, struct buffer *out);
-
+int ssl_load_global_issuer_from_BIO(BIO *in, char *fp, char **err);
+int ssl_sock_load_cert(char *path, struct bind_conf *bind_conf, char **err);
+void ssl_free_global_issuers(void);
+int ssl_sock_load_cert_list_file(char *file, int dir, struct bind_conf *bind_conf, struct proxy *curproxy, char **err);
+int ssl_init_single_engine(const char *engine_id, const char *def_algorithms);
+int ssl_store_load_locations_file(char *path);
 /* ssl shctx macro */
 
 #define sh_ssl_sess_tree_delete(s)     ebmb_delete(&(s)->key);