From: Willy Tarreau Date: Thu, 9 May 2019 12:15:32 +0000 (+0200) Subject: MINOR: ssl: enable aes_gcm_dec on LibreSSL X-Git-Tag: v2.0-dev3~66 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=86a394e44ddd17ea9829249dece6a7e864fb7be0;p=thirdparty%2Fhaproxy.git MINOR: ssl: enable aes_gcm_dec on LibreSSL This one requires OpenSSL 1.0.1 and above, and libressl was forked from 1.0.1g and is compatible (build-tested). No need to exclude it anymore from using this converter. --- diff --git a/src/ssl_sock.c b/src/ssl_sock.c index 794b6c9c48..e3e938d939 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -9329,7 +9329,7 @@ static int cli_parse_set_ocspresponse(char **args, char *payload, struct appctx } -#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined LIBRESSL_VERSION_NUMBER) +#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000100fL) static inline int sample_conv_var2smp_str(const struct arg *arg, struct sample *smp) { switch (arg->type) { @@ -9726,7 +9726,7 @@ INITCALL1(STG_REGISTER, cfg_register_keywords, &cfg_kws); /* Note: must not be declared as its list will be overwritten */ static struct sample_conv_kw_list conv_kws = {ILH, { -#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined LIBRESSL_VERSION_NUMBER) +#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000100fL) { "aes_gcm_dec", sample_conv_aes_gcm_dec, ARG4(4,SINT,STR,STR,STR), check_aes_gcm, SMP_T_BIN, SMP_T_BIN }, #endif { NULL, NULL, 0, 0, 0 },