Hello, yet another patch that removes several occurrences of HA_OPENSSL_VERSION also, fetches enabled for BoringSSL and LibreSSL-2.7.0 and higher
Ilya
From dcdfb25d51e44bf84175514a4a6b786b9c15e20e Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin <[email protected]> Date: Thu, 25 Mar 2021 00:41:41 +0500 Subject: [PATCH] BUILD: ssl: introduce fine guard for ssl random extraction functions SSL_get_{client,server}_random are supported in OpenSSL-1.1.0, BoringSSL, LibreSSL-2.7.0 let us introduce HAVE_SSL_EXTRACT_RANDOM for that purpose --- include/haproxy/openssl-compat.h | 4 ++++ src/ssl_sample.c | 6 +++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/include/haproxy/openssl-compat.h b/include/haproxy/openssl-compat.h index 396810a0a..d26deccc6 100644 --- a/include/haproxy/openssl-compat.h +++ b/include/haproxy/openssl-compat.h @@ -41,6 +41,10 @@ #define OpenSSL_version_num SSLeay #endif +#if (LIBRESSL_VERSION_NUMBER >= 0x2070100fL) || defined(OPENSSL_IS_BORINGSSL) || (!defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L)) +#define HAVE_SSL_EXTRACT_RANDOM +#endif + #if ((OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(OPENSSL_IS_BORINGSSL) && !defined(LIBRESSL_VERSION_NUMBER)) #define HAVE_SSL_RAND_KEEP_RANDOM_DEVICES_OPEN #endif diff --git a/src/ssl_sample.c b/src/ssl_sample.c index e2479f501..4c7d9aa9d 100644 --- a/src/ssl_sample.c +++ b/src/ssl_sample.c @@ -1029,7 +1029,7 @@ smp_fetch_ssl_fc_session_id(const struct arg *args, struct sample *smp, const ch #endif -#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L +#ifdef HAVE_SSL_EXTRACT_RANDOM static int smp_fetch_ssl_fc_random(const struct arg *args, struct sample *smp, const char *kw, void *private) { @@ -1462,7 +1462,7 @@ static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, { #if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL { "ssl_bc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV }, #endif -#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L +#ifdef HAVE_SSL_EXTRACT_RANDOM { "ssl_bc_client_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV }, { "ssl_bc_server_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV }, { "ssl_bc_session_key", smp_fetch_ssl_fc_session_key, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV }, @@ -1514,7 +1514,7 @@ static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, { #if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL { "ssl_fc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI }, #endif -#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L +#ifdef HAVE_SSL_EXTRACT_RANDOM { "ssl_fc_client_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI }, { "ssl_fc_server_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI }, { "ssl_fc_session_key", smp_fetch_ssl_fc_session_key, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI }, -- 2.30.2
