From: William Lallemand <wlallemand@haproxy.com>
Date: Mon, 9 Oct 2023 19:34:25 +0000 (+0200)
Subject: BUILD: ssl: enable keylog for WolfSSL
X-Git-Tag: v2.9-dev8~93
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=deed2b6077be6d255a5ba6ab321952a98d10f76b;p=thirdparty%2Fhaproxy.git

BUILD: ssl: enable keylog for WolfSSL

Enable the keylog feature when linking against an WolfSSL library which
has the 'HAVE_SECRET_CALLBACK' define.

Only supports <= TLSv1.2 secret dump.
---

diff --git a/include/haproxy/openssl-compat.h b/include/haproxy/openssl-compat.h
index 78fbad4156..5639468c98 100644
--- a/include/haproxy/openssl-compat.h
+++ b/include/haproxy/openssl-compat.h
@@ -99,7 +99,7 @@
 #define HAVE_SSL_SCTL
 #endif
 
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L) || defined(USE_OPENSSL_AWSLC)
+#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L) || defined(USE_OPENSSL_AWSLC) || (defined(USE_OPENSSL_WOLFSSL) && defined(HAVE_SECRET_CALLBACK))
 #define HAVE_SSL_KEYLOG
 #endif