CLEANUP: ssl_sock: move dirty openssl-1.0.2 wrapper to openssl-compat

Valentine noticed this ugly SSL_CTX_get_tlsext_status_cb() macro
definition inside ssl_sock.c that is dedicated to openssl-1.0.2 only.
It would be better placed in openssl-compat.h, which is what this
patch does. It also addresses a missing pair of parenthesis and
removes an invalid extra semicolon.

diff --git a/include/haproxy/openssl-compat.h b/include/haproxy/openssl-compat.h
index 3dc916d3f1bd19b9d3e3b5eb0c07001a347008d3..d145fb485271a222c9ff745bea3167c6c87c8e26 100644 (file)
--- a/include/haproxy/openssl-compat.h
+++ b/include/haproxy/openssl-compat.h
@@ -506,5 +506,10 @@ static inline unsigned long ERR_peek_error_func(const char **func)
 #define SSL_CTX_set1_sigalgs_list SSL_CTX_set1_sigalgs_list
 #endif
 
+#ifndef SSL_CTX_get_tlsext_status_cb
+# define SSL_CTX_get_tlsext_status_cb(ctx, cb) \
+       *(cb) = (void (*) (void))ctx->tlsext_status_cb
+#endif
+
 #endif /* USE_OPENSSL */
 #endif /* _HAPROXY_OPENSSL_COMPAT_H */

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index a907f595d8180a97ca73f342730a900ddf73a6bf..e6bf3ff179ade3a3ca27edfbc96bf7f441fc9e1b 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -1185,10 +1185,6 @@ static int ssl_sock_load_ocsp(const char *path, SSL_CTX *ctx, struct ckch_store
        if (iocsp == ocsp)
                ocsp = NULL;
 
-#ifndef SSL_CTX_get_tlsext_status_cb
-# define SSL_CTX_get_tlsext_status_cb(ctx, cb) \
-       *cb = (void (*) (void))ctx->tlsext_status_cb;
-#endif
        SSL_CTX_get_tlsext_status_cb(ctx, &callback);
 
        if (inc_refcount_store)