From: W.C.A. Wijngaards Date: Thu, 22 Apr 2021 07:00:15 +0000 (+0200) Subject: - Fix #468: OpenSSL 1.0.1 can no longer build Unbound. X-Git-Tag: release-1.13.2rc1~192 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=25425d9aa74347b728bd15e1b70e821159ec0854;p=thirdparty%2Funbound.git - Fix #468: OpenSSL 1.0.1 can no longer build Unbound. --- diff --git a/config.h.in b/config.h.in index 103ad9f00..fd382694a 100644 --- a/config.h.in +++ b/config.h.in @@ -529,6 +529,9 @@ function. */ #undef HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEY_EVP_CB +/* Define to 1 if you have the `SSL_get0_alpn_selected' function. */ +#undef HAVE_SSL_GET0_ALPN_SELECTED + /* Define to 1 if you have the `SSL_get0_peername' function. */ #undef HAVE_SSL_GET0_PEERNAME diff --git a/configure b/configure index 266691d42..f86683f76 100755 --- a/configure +++ b/configure @@ -18418,7 +18418,7 @@ done # these check_funcs need -lssl BAKLIBS="$LIBS" LIBS="-lssl $LIBS" -for ac_func in OPENSSL_init_ssl SSL_CTX_set_security_level SSL_set1_host SSL_get0_peername X509_VERIFY_PARAM_set1_host SSL_CTX_set_ciphersuites SSL_CTX_set_tlsext_ticket_key_evp_cb SSL_CTX_set_alpn_select_cb +for ac_func in OPENSSL_init_ssl SSL_CTX_set_security_level SSL_set1_host SSL_get0_peername X509_VERIFY_PARAM_set1_host SSL_CTX_set_ciphersuites SSL_CTX_set_tlsext_ticket_key_evp_cb SSL_CTX_set_alpn_select_cb SSL_get0_alpn_selected do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" diff --git a/doc/Changelog b/doc/Changelog index 3e7148713..d6e1e485a 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,6 +1,7 @@ 22 April 2021: Wouter - Merge #466 from FGasper: Support OpenSSLs that lack SSL_get0_alpn_selected. + - Fix #468: OpenSSL 1.0.1 can no longer build Unbound. 13 April 2021: George - Fix documentation comment for files previously residing in checkconf/. diff --git a/util/net_help.c b/util/net_help.c index bcc8d34bd..06bc1f5dd 100644 --- a/util/net_help.c +++ b/util/net_help.c @@ -887,7 +887,7 @@ log_cert(unsigned level, const char* str, void* cert) } #endif /* HAVE_SSL */ -#if defined(HAVE_SSL) && defined(HAVE_NGHTTP2) +#if defined(HAVE_SSL) && defined(HAVE_NGHTTP2) && defined(HAVE_SSL_CTX_SET_ALPN_SELECT_CB) static int alpn_select_cb(SSL* ATTR_UNUSED(ssl), const unsigned char** out, unsigned char* outlen, const unsigned char* in, unsigned int inlen, void* ATTR_UNUSED(arg))