46 lines
1.6 KiB
Diff
46 lines
1.6 KiB
Diff
From f22b032956bc492dcf47b2a909f91a6fb2c6e49b Mon Sep 17 00:00:00 2001
|
|
From: William Lallemand <wlallemand@haproxy.org>
|
|
Date: Wed, 2 Jun 2021 16:09:11 +0200
|
|
Subject: [PATCH] BUILD: fix compilation for OpenSSL-3.0.0-alpha17
|
|
|
|
Some changes in the OpenSSL syntax API broke this syntax:
|
|
#if SSL_OP_NO_TLSv1_3
|
|
|
|
OpenSSL made this change which broke our usage in commit f04bb0bce490de847ed0482b8ec9eabedd173852:
|
|
|
|
-# define SSL_OP_NO_TLSv1_3 (uint64_t)0x20000000
|
|
+#define SSL_OP_BIT(n) ((uint64_t)1 << (uint64_t)n)
|
|
+# define SSL_OP_NO_TLSv1_3 SSL_OP_BIT(29)
|
|
|
|
Which can't be evaluated by the preprocessor anymore.
|
|
This patch replace the test by an openssl version test.
|
|
|
|
This fix part of #1276 issue.
|
|
---
|
|
src/ssl_sock.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
|
|
index f596a831d..27a4c3531 100644
|
|
--- a/src/ssl_sock.c
|
|
+++ b/src/ssl_sock.c
|
|
@@ -2217,13 +2217,13 @@ static void ssl_set_TLSv12_func(SSL *ssl, set_context_func c) {
|
|
: SSL_set_min_proto_version(ssl, TLS1_2_VERSION);
|
|
}
|
|
static void ctx_set_TLSv13_func(SSL_CTX *ctx, set_context_func c) {
|
|
-#if SSL_OP_NO_TLSv1_3
|
|
+#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
|
|
c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_3_VERSION)
|
|
: SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION);
|
|
#endif
|
|
}
|
|
static void ssl_set_TLSv13_func(SSL *ssl, set_context_func c) {
|
|
-#if SSL_OP_NO_TLSv1_3
|
|
+#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
|
|
c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_3_VERSION)
|
|
: SSL_set_min_proto_version(ssl, TLS1_3_VERSION);
|
|
#endif
|
|
--
|
|
2.31.1
|
|
|