]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a96cbe3)
BUILD: acme: enable the ACME feature when JWS is present
authorWilliam Lallemand <wlallemand@haproxy.com>
Fri, 11 Apr 2025 23:10:14 +0000 (01:10 +0200)
committerWilliam Lallemand <wlallemand@haproxy.com>
Fri, 11 Apr 2025 23:39:03 +0000 (01:39 +0200)
The ACME feature depends on the JWS, which currently does not work with
every SSL libraries. This patch only enables ACME when JWS is enabled.

include/haproxy/openssl-compat.h patch | blob | blame | history
src/acme.c patch | blob | blame | history
src/ssl_ckch.c patch | blob | blame | history

diff --git a/include/haproxy/openssl-compat.h b/include/haproxy/openssl-compat.h
index d7f0830f2e18a4b9d5f66430e19f4a3a3f8106a4..1222cdf7784dbe1d21488f51a13f993f0a56e471 100644 (file)
--- a/include/haproxy/openssl-compat.h
+++ b/include/haproxy/openssl-compat.h
@@ -132,6 +132,10 @@
 #define HAVE_JWS
 #endif
 
+#if (defined(HAVE_JWS))
+#define HAVE_ACME
+#endif
+
 #if !defined(HAVE_SSL_SET_SECURITY_LEVEL)
 /* define a nope function for set_security_level */
 #define SSL_CTX_set_security_level(ctx, level) ({})
diff --git a/src/acme.c b/src/acme.c
index 0c80fcf765e026fe504f1faf03f807d160cadcc1..4d8232346c8ea8b3ab67177f944b18602527face 100644 (file)
--- a/src/acme.c
+++ b/src/acme.c
@@ -31,6 +31,8 @@
 #include <haproxy/ssl_utils.h>
 #include <haproxy/tools.h>
 
+#if defined(HAVE_ACME)
+
 static struct acme_cfg *acme_cfgs = NULL;
 static struct acme_cfg *cur_acme = NULL;
 
@@ -1879,6 +1881,8 @@ static struct cli_kw_list cli_kws = {{ },{
 
 INITCALL1(STG_REGISTER, cli_register_kw, &cli_kws);
 
+#endif /* ! HAVE_ACME */
+
 /*
  * Local variables:
  *  c-indent-level: 8
diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index 747ee4ccae3aebf849cd9abbdb6ad0bb7aaa8274..d9e107c1ac45b71d6ebc7e0315d9a67cdea17b25 100644 (file)
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -4599,7 +4599,9 @@ struct ckch_conf_kws ckch_conf_kws[] = {
 #if defined(HAVE_SSL_OCSP)
        { "ocsp-update",  offsetof(struct ckch_conf, ocsp_update_mode), PARSE_TYPE_ONOFF, ocsp_update_init,               },
 #endif
+#if defined(HAVE_ACME)
        { "acme",         offsetof(struct ckch_conf, acme.id),          PARSE_TYPE_STR,   ckch_conf_acme_init,            },
+#endif
        { "domains",      offsetof(struct ckch_conf, acme.domains),     PARSE_TYPE_ARRAY_SUBSTR,   NULL,            },
        { NULL,          -1,                                            PARSE_TYPE_STR,   NULL,                           }
 };
Mirror of https://github.com/haproxy/haproxy.git