BUG/MINOR: ssl: fix warning about ssl-min/max-ver support In 84e417d8 ("MINOR: ssl: support Openssl 1.1.1 early callback for switchctx") the code was extended to also support OpenSSL 1.1.1 (code already supported BoringSSL). A configuration check warning was updated but with the wrong logic, the #ifdef needs a && instead of an ||. Reported in #54. Should be backported to 1.8.

commit: 1aabc939780d5eab1f88089d01fb077ad9315c65 [log] [tgz]
author: Lukas Tribus <lukas@ltri.eu> Tue Mar 05 23:14:32 2019 +0100
committer: Willy Tarreau <w@1wt.eu> Tue Mar 05 23:56:58 2019 +0100
tree: ecd9e9a7f43078025e138c070d4ea2328402cd1e
parent: 5799e9cd37301ab74436954e860250c3f26e4d79 [diff] [blame]
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 99d2a11..7cfda2b 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c

@@ -7654,7 +7654,7 @@
 
 static int ssl_bind_parse_tls_method_minmax(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
 {
-#if (OPENSSL_VERSION_NUMBER < 0x10101000L) || !defined(OPENSSL_IS_BORINGSSL)
+#if (OPENSSL_VERSION_NUMBER < 0x10101000L) && !defined(OPENSSL_IS_BORINGSSL)
 	ha_warning("crt-list: ssl-min-ver and ssl-max-ver are not supported with this Openssl version (skipped).\n");
 #endif
 	return parse_tls_method_minmax(args, cur_arg, &conf->ssl_methods, err);
commit	1aabc939780d5eab1f88089d01fb077ad9315c65	[log] [tgz]
author	Lukas Tribus <lukas@ltri.eu>	Tue Mar 05 23:14:32 2019 +0100
committer	Willy Tarreau <w@1wt.eu>	Tue Mar 05 23:56:58 2019 +0100
tree	ecd9e9a7f43078025e138c070d4ea2328402cd1e
parent	5799e9cd37301ab74436954e860250c3f26e4d79 [diff] [blame]