BUILD: ssl: introduce fine guard for ssl random extraction functions

author Ilya Shipitsin <chipitsine@gmail.com>

Wed, 24 Mar 2021 19:41:41 +0000 (00:41 +0500)

committer William Lallemand <wlallemand@haproxy.org>

Fri, 26 Mar 2021 14:19:07 +0000 (15:19 +0100)
author Ilya Shipitsin <chipitsine@gmail.com>
Wed, 24 Mar 2021 19:41:41 +0000 (00:41 +0500)
committer William Lallemand <wlallemand@haproxy.org>
Fri, 26 Mar 2021 14:19:07 +0000 (15:19 +0100)
diff --git a/include/haproxy/openssl-compat.h b/include/haproxy/openssl-compat.h

index 396810a0aa1361cf3d8d902618421af714dfff94..d26deccc6c2c20cab72ec3ab9a7521084cf4bf4a 100644 (file)
--- a/include/haproxy/openssl-compat.h
+++ b/include/haproxy/openssl-compat.h
@@ -41,6 +41,10 @@
  #define OpenSSL_version_num     SSLeay
  #endif
  
+#if (LIBRESSL_VERSION_NUMBER >= 0x2070100fL) || defined(OPENSSL_IS_BORINGSSL) || (!defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L))
+#define HAVE_SSL_EXTRACT_RANDOM
+#endif
+
  #if ((OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(OPENSSL_IS_BORINGSSL) && !defined(LIBRESSL_VERSION_NUMBER))
  #define HAVE_SSL_RAND_KEEP_RANDOM_DEVICES_OPEN
  #endif
diff --git a/src/ssl_sample.c b/src/ssl_sample.c

index e2479f50138a1a2df32b947e4c6ce399d43acab9..4c7d9aa9db93fd18ed497c6cfc1951293e33ba0d 100644 (file)
--- a/src/ssl_sample.c
+++ b/src/ssl_sample.c
@@ -1029,7 +1029,7 @@ smp_fetch_ssl_fc_session_id(const struct arg *args, struct sample *smp, const ch
  #endif
  
  
-#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
+#ifdef HAVE_SSL_EXTRACT_RANDOM
  static int
  smp_fetch_ssl_fc_random(const struct arg *args, struct sample *smp, const char *kw, void *private)
  {
@@ -1462,7 +1462,7 @@ static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
  #if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
         { "ssl_bc_session_id",      smp_fetch_ssl_fc_session_id,  0,                   NULL,    SMP_T_BIN,  SMP_USE_L5SRV },
  #endif
-#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
+#ifdef HAVE_SSL_EXTRACT_RANDOM
         { "ssl_bc_client_random",   smp_fetch_ssl_fc_random,      0,                   NULL,    SMP_T_BIN,  SMP_USE_L5SRV },
         { "ssl_bc_server_random",   smp_fetch_ssl_fc_random,      0,                   NULL,    SMP_T_BIN,  SMP_USE_L5SRV },
         { "ssl_bc_session_key",     smp_fetch_ssl_fc_session_key, 0,                   NULL,    SMP_T_BIN,  SMP_USE_L5SRV },
@@ -1514,7 +1514,7 @@ static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
  #if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
         { "ssl_fc_session_id",      smp_fetch_ssl_fc_session_id,  0,                   NULL,    SMP_T_BIN,  SMP_USE_L5CLI },
  #endif
-#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
+#ifdef HAVE_SSL_EXTRACT_RANDOM
         { "ssl_fc_client_random",   smp_fetch_ssl_fc_random,      0,                   NULL,    SMP_T_BIN,  SMP_USE_L5CLI },
         { "ssl_fc_server_random",   smp_fetch_ssl_fc_random,      0,                   NULL,    SMP_T_BIN,  SMP_USE_L5CLI },
         { "ssl_fc_session_key",     smp_fetch_ssl_fc_session_key, 0,                   NULL,    SMP_T_BIN,  SMP_USE_L5CLI },
author	Ilya Shipitsin <chipitsine@gmail.com>
	Wed, 24 Mar 2021 19:41:41 +0000 (00:41 +0500)
committer	William Lallemand <wlallemand@haproxy.org>
	Fri, 26 Mar 2021 14:19:07 +0000 (15:19 +0100)
include/haproxy/openssl-compat.h		patch \| blob \| blame \| history
src/ssl_sample.c		patch \| blob \| blame \| history