MINOR: ssl: generate-certificates for BoringSSL

author Emmanuel Hocdet <manu@gandi.net>

Mon, 1 Oct 2018 16:45:19 +0000 (18:45 +0200)

committer Christopher Faulet <cfaulet@haproxy.com>

Mon, 8 Oct 2018 07:42:34 +0000 (09:42 +0200)
author Emmanuel Hocdet <manu@gandi.net>
Mon, 1 Oct 2018 16:45:19 +0000 (18:45 +0200)
committer Christopher Faulet <cfaulet@haproxy.com>
Mon, 8 Oct 2018 07:42:34 +0000 (09:42 +0200)
diff --git a/include/proto/openssl-compat.h b/include/proto/openssl-compat.h

index 564d2b4f1ae209cf57c6baae71eb3301785e2b42..ffee2e40c1ddd3251aabf29cede516019fbb767b 100644 (file)
--- a/include/proto/openssl-compat.h
+++ b/include/proto/openssl-compat.h
@@ -153,7 +153,6 @@ static inline const unsigned char *ASN1_STRING_get0_data(const ASN1_STRING *x)
  #endif
  
  #ifdef OPENSSL_IS_BORINGSSL
-#define SSL_NO_GENERATE_CERTIFICATES
  
  static inline int EVP_PKEY_base_id(EVP_PKEY *pkey)
  {
diff --git a/src/ssl_sock.c b/src/ssl_sock.c

index bb62b672ad11498ca0777cf0ae71a1b7511bec00..c11acb3b719504fa958a237a06de19adaeb23c19 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -1753,7 +1753,7 @@ ssl_sock_do_create_cert(const char *servername, struct bind_conf *bind_conf, SSL
         else if (key_type == EVP_PKEY_EC)
                 digest = EVP_sha256();
         else {
-#if (OPENSSL_VERSION_NUMBER >= 0x1000000fL)
+#if (OPENSSL_VERSION_NUMBER >= 0x1000000fL) && !defined(OPENSSL_IS_BORINGSSL)
                 int nid;
  
                 if (EVP_PKEY_get_default_digest_nid(capkey, &nid) <= 0)
author	Emmanuel Hocdet <manu@gandi.net>
	Mon, 1 Oct 2018 16:45:19 +0000 (18:45 +0200)
committer	Christopher Faulet <cfaulet@haproxy.com>
	Mon, 8 Oct 2018 07:42:34 +0000 (09:42 +0200)
include/proto/openssl-compat.h		patch \| blob \| blame \| history
src/ssl_sock.c		patch \| blob \| blame \| history