nghttpx: Reorganize client side TLS configuration

src/shrpx_config.cc

@@ -1265,7 +1265,7 @@ int parse_psk_secrets(Config *config, const StringRef &path) {
 
 namespace {
 // Reads PSK secrets from path, and parses each line.  The result is
-// directly stored into config->tls.client_psk.  This function returns
+// directly stored into config->tls.client.psk.  This function returns
 // 0 if it succeeds, or -1.
 int parse_client_psk_secrets(Config *config, const StringRef &path) {
   auto &tlsconf = config->tls;
@@ -1310,10 +1310,10 @@ int parse_client_psk_secrets(Config *config, const StringRef &path) {
       return -1;
     }
 
-    tlsconf.client_psk.identity =
+    tlsconf.client.psk.identity =
         make_string_ref(config->balloc, StringRef{std::begin(line), sep_it});
 
-    tlsconf.client_psk.secret =
+    tlsconf.client.psk.secret =
         util::decode_hex(config->balloc, StringRef{sep_it + 1, std::end(line)});
 
     return 0;

src/shrpx_config.h

@@ -546,18 +546,17 @@ struct TLSConfig {
     bool enabled;
   } client_verify;
 
-  // Client private key and certificate used in backend connections.
+  // Client (backend connection) TLS configuration.
   struct {
-    StringRef private_key_file;
-    StringRef cert_file;
-  } client;
-
     // Client PSK configuration
     struct {
       // identity must be NULL terminated string.
       StringRef identity;
       StringRef secret;
-  } client_psk;
+    } psk;
+    StringRef private_key_file;
+    StringRef cert_file;
+  } client;
 
   // PSK secrets.  The key is identity, and the associated value is
   // its secret.

src/shrpx_ssl.cc

@@ -556,8 +556,8 @@ unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity_out,
   auto config = get_config();
   auto &tlsconf = config->tls;
 
-  auto &identity = tlsconf.client_psk.identity;
-  auto &secret = tlsconf.client_psk.secret;
+  auto &identity = tlsconf.client.psk.identity;
+  auto &secret = tlsconf.client.psk.secret;
 
   if (identity.empty()) {
     return 0;