From: Ilya Shipitsin <chipitsine@gmail.com>
Date: Sat, 21 Nov 2020 18:10:53 +0000 (+0500)
Subject: BUILD: SSL: add BoringSSL guarding to "RAND_keep_random_devices_open"
X-Git-Tag: v2.4-dev2~38
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d9a16dc0f2df946ede5d04f9aa06b396d6f6cf66;p=thirdparty%2Fhaproxy.git

BUILD: SSL: add BoringSSL guarding to "RAND_keep_random_devices_open"

"RAND_keep_random_devices_open" is OpenSSL specific, does not present
in other OpenSSL variants like LibreSSL or BoringSSL. BoringSSL recently
"updated" its internal openssl version to 1.1.1, we temporarily set it
back to 1.1.0, as we are going to remove that hack, let us add proper
guarding.
---

diff --git a/src/haproxy.c b/src/haproxy.c
index 019cc571c9..ae11f8dd5f 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -783,7 +783,7 @@ void mworker_reload()
 		if (fdtab)
 			deinit_pollers();
 	}
-#if defined(USE_OPENSSL) && (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
+#if defined(USE_OPENSSL) && (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(OPENSSL_IS_BORINGSSL)
 	/* close random device FDs */
 	RAND_keep_random_devices_open(0);
 #endif