From: William Lallemand Date: Fri, 11 Apr 2025 23:10:14 +0000 (+0200) Subject: BUILD: acme: enable the ACME feature when JWS is present X-Git-Tag: v3.2-dev11~79 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=39c05cedff4e478e950431cf68d8db5ba8e892d3;p=thirdparty%2Fhaproxy.git BUILD: acme: enable the ACME feature when JWS is present The ACME feature depends on the JWS, which currently does not work with every SSL libraries. This patch only enables ACME when JWS is enabled. --- diff --git a/include/haproxy/openssl-compat.h b/include/haproxy/openssl-compat.h index d7f0830f2..1222cdf77 100644 --- a/include/haproxy/openssl-compat.h +++ b/include/haproxy/openssl-compat.h @@ -132,6 +132,10 @@ #define HAVE_JWS #endif +#if (defined(HAVE_JWS)) +#define HAVE_ACME +#endif + #if !defined(HAVE_SSL_SET_SECURITY_LEVEL) /* define a nope function for set_security_level */ #define SSL_CTX_set_security_level(ctx, level) ({}) diff --git a/src/acme.c b/src/acme.c index 0c80fcf76..4d8232346 100644 --- a/src/acme.c +++ b/src/acme.c @@ -31,6 +31,8 @@ #include #include +#if defined(HAVE_ACME) + static struct acme_cfg *acme_cfgs = NULL; static struct acme_cfg *cur_acme = NULL; @@ -1879,6 +1881,8 @@ static struct cli_kw_list cli_kws = {{ },{ INITCALL1(STG_REGISTER, cli_register_kw, &cli_kws); +#endif /* ! HAVE_ACME */ + /* * Local variables: * c-indent-level: 8 diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c index 747ee4cca..d9e107c1a 100644 --- a/src/ssl_ckch.c +++ b/src/ssl_ckch.c @@ -4599,7 +4599,9 @@ struct ckch_conf_kws ckch_conf_kws[] = { #if defined(HAVE_SSL_OCSP) { "ocsp-update", offsetof(struct ckch_conf, ocsp_update_mode), PARSE_TYPE_ONOFF, ocsp_update_init, }, #endif +#if defined(HAVE_ACME) { "acme", offsetof(struct ckch_conf, acme.id), PARSE_TYPE_STR, ckch_conf_acme_init, }, +#endif { "domains", offsetof(struct ckch_conf, acme.domains), PARSE_TYPE_ARRAY_SUBSTR, NULL, }, { NULL, -1, PARSE_TYPE_STR, NULL, } };