]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
BUILD: quic: Fix build error when building QUIC against wolfssl.
authorFrederic Lecaille <flecaille@haproxy.com>
Wed, 24 Jan 2024 13:36:41 +0000 (14:36 +0100)
committerFrederic Lecaille <flecaille@haproxy.com>
Wed, 24 Jan 2024 13:36:41 +0000 (14:36 +0100)
This commit:

    "MINOR: quic: Enable early data at SSL session level (aws-lc)

introduced a build error when using wolfssl as TLS stack
because it references unknown function wolfSSL_set_quic_early_data_enabled()
which is not defined in qc_set_quic_early_data_context() that must not be used
in this case. The compilation of this fonction was enabled for wolfssl when
it should not have by the mentionned commit.

No backport is needed.

src/quic_ssl.c

index ca9fb86d7a97b48f3f0518afb41e581d0d22a6c3..91dc107074dc6f50ed0aa1afb70be6bfbf697ee5 100644 (file)
@@ -735,7 +735,7 @@ static int qc_ssl_sess_init(struct quic_conn *qc, SSL_CTX *ssl_ctx, SSL **ssl)
        return ret;
 }
 
-#ifndef USE_QUIC_OPENSSL_COMPAT
+#if !defined(USE_QUIC_OPENSSL_COMPAT) && !defined(USE_OPENSSL_WOLFSSL)
 
 /* Enable early data for <ssl> QUIC TLS session.
  * Return 1 if succeeded, 0 if not.
@@ -808,7 +808,7 @@ int qc_alloc_ssl_sock_ctx(struct quic_conn *qc)
                if (qc_ssl_sess_init(qc, bc->initial_ctx, &ctx->ssl) == -1)
                        goto err;
 #if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
-#ifndef USE_QUIC_OPENSSL_COMPAT
+#if !defined(USE_QUIC_OPENSSL_COMPAT) && !defined(USE_OPENSSL_WOLFSSL)
                /* Enabling 0-RTT */
                if (bc->ssl_conf.early_data && !qc_set_quic_early_data_enabled(qc, ctx->ssl))
                        goto err;