BUILD: ssl: guard ecdh functions with SSL_CTX_set_tmp_ecdh macro

author Ilya Shipitsin <chipitsine@gmail.com>

Sun, 21 Mar 2021 07:50:47 +0000 (12:50 +0500)

committer William Lallemand <wlallemand@haproxy.org>

Wed, 24 Mar 2021 08:52:37 +0000 (09:52 +0100)
author Ilya Shipitsin <chipitsine@gmail.com>
Sun, 21 Mar 2021 07:50:47 +0000 (12:50 +0500)
committer William Lallemand <wlallemand@haproxy.org>
Wed, 24 Mar 2021 08:52:37 +0000 (09:52 +0100)
diff --git a/src/cfgparse-ssl.c b/src/cfgparse-ssl.c

index 16cac6ec47b8846da3a501c89f2622d71ee445b4..7d14fa0a9e95096db2cbd099e8b496afc717ff69 100644 (file)
--- a/src/cfgparse-ssl.c
+++ b/src/cfgparse-ssl.c
@@ -722,7 +722,7 @@ static int bind_parse_curves(char **args, int cur_arg, struct proxy *px, struct
  /* parse the "ecdhe" bind keyword keyword */
  static int ssl_bind_parse_ecdhe(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, int from_cli, char **err)
  {
-#if HA_OPENSSL_VERSION_NUMBER < 0x0090800fL
+#if !defined(SSL_CTX_set_tmp_ecdh)
         memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (too old)", args[cur_arg]);
         return ERR_ALERT | ERR_FATAL;
  #elif defined(OPENSSL_NO_ECDH)
author	Ilya Shipitsin <chipitsine@gmail.com>
	Sun, 21 Mar 2021 07:50:47 +0000 (12:50 +0500)
committer	William Lallemand <wlallemand@haproxy.org>
	Wed, 24 Mar 2021 08:52:37 +0000 (09:52 +0100)