rpms / haproxy

Clone
Source Code
GIT

Blame SOURCES/bz1984786-fix-openssl-build.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8-sig-nfv-network-extras c8s c9 c9-beta
  1.   4834bd41f28c39eb244c0f9cef3cefe0108535f6
  2.   SOURCES
  3.   bz1984786-fix-openssl-build.patch
Blob History Raw
4834bd 
From f22b032956bc492dcf47b2a909f91a6fb2c6e49b Mon Sep 17 00:00:00 2001
4834bd 
From: William Lallemand <wlallemand@haproxy.org>
4834bd 
Date: Wed, 2 Jun 2021 16:09:11 +0200
4834bd 
Subject: [PATCH] BUILD: fix compilation for OpenSSL-3.0.0-alpha17
4834bd
4834bd 
Some changes in the OpenSSL syntax API broke this syntax:
4834bd 
  #if SSL_OP_NO_TLSv1_3
4834bd
4834bd 
OpenSSL made this change which broke our usage in commit f04bb0bce490de847ed0482b8ec9eabedd173852:
4834bd
4834bd 
-# define SSL_OP_NO_TLSv1_3                               (uint64_t)0x20000000
4834bd 
+#define SSL_OP_BIT(n)  ((uint64_t)1 << (uint64_t)n)
4834bd 
+# define SSL_OP_NO_TLSv1_3                               SSL_OP_BIT(29)
4834bd
4834bd 
Which can't be evaluated by the preprocessor anymore.
4834bd 
This patch replace the test by an openssl version test.
4834bd
4834bd 
This fix part of #1276 issue.
4834bd 
---
4834bd 
 src/ssl_sock.c | 4 ++--
4834bd 
 1 file changed, 2 insertions(+), 2 deletions(-)
4834bd
4834bd 
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
4834bd 
index f596a831d..27a4c3531 100644
4834bd 
--- a/src/ssl_sock.c
4834bd 
+++ b/src/ssl_sock.c
4834bd 
@@ -2217,13 +2217,13 @@ static void ssl_set_TLSv12_func(SSL *ssl, set_context_func c) {
4834bd 
 		: SSL_set_min_proto_version(ssl, TLS1_2_VERSION);
4834bd 
 }
4834bd 
 static void ctx_set_TLSv13_func(SSL_CTX *ctx, set_context_func c) {
4834bd 
-#if SSL_OP_NO_TLSv1_3
4834bd 
+#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
4834bd 
 	c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_3_VERSION)
4834bd 
 		: SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION);
4834bd 
 #endif
4834bd 
 }
4834bd 
 static void ssl_set_TLSv13_func(SSL *ssl, set_context_func c) {
4834bd 
-#if SSL_OP_NO_TLSv1_3
4834bd 
+#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
4834bd 
 	c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_3_VERSION)
4834bd 
 		: SSL_set_min_proto_version(ssl, TLS1_3_VERSION);
4834bd 
 #endif
4834bd 
--
4834bd 
2.31.1
4834bd

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation