BUG/MINOR: ssl: Fix compilation with OpenSSL 1.0.2 (missing ECDSA_SIG_set0) This function was introduced in OpenSSL 1.1.0. Prior to that, the ECDSA_SIG structure was public. This function was used in commit 5a8f02ae "BUG/MEDIUM: jwt: Properly process ecdsa signatures (concatenated R and S params)". This patch needs to be backported up to branch 2.5 alongside commit 5a8f02ae.

commit: bb35e1f5aa69f55f588e060fee6098db37abe94c [log] [tgz]
author: Remi Tricot-Le Breton <rlebreton@haproxy.com> Wed Jan 18 17:29:54 2023 +0100
committer: William Lallemand <wlallemand@haproxy.org> Thu Jan 19 11:13:51 2023 +0100
tree: 48688f54137f18e32b3b7bb0250aa406b1762cab
parent: 2edc6d0301825327b6b5acb6acd1c68701bb104e [diff]
diff --git a/include/haproxy/openssl-compat.h b/include/haproxy/openssl-compat.h
index f520790..2f6b7c2 100644
--- a/include/haproxy/openssl-compat.h
+++ b/include/haproxy/openssl-compat.h

@@ -325,6 +325,19 @@
 {
     return ctx->cert;
 }
+
+static inline int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
+{
+	if (r == NULL || s == NULL)
+		return 0;
+	BN_clear_free(sig->r);
+	BN_clear_free(sig->s);
+
+	sig->r = r;
+	sig->s = s;
+	return 1;
+}
+
 #endif
 
 #if (HA_OPENSSL_VERSION_NUMBER < 0x3000000fL)
commit	bb35e1f5aa69f55f588e060fee6098db37abe94c	[log] [tgz]
author	Remi Tricot-Le Breton <rlebreton@haproxy.com>	Wed Jan 18 17:29:54 2023 +0100
committer	William Lallemand <wlallemand@haproxy.org>	Thu Jan 19 11:13:51 2023 +0100
tree	48688f54137f18e32b3b7bb0250aa406b1762cab
parent	2edc6d0301825327b6b5acb6acd1c68701bb104e [diff]