BUILD: ssl: use SSL_MODE_ASYNC macro instead of OPENSSL_VERSION

commit: bdec3ba79668ff78ee882fbf77d219313fc358ff [log] [tgz]
author: Ilya Shipitsin <chipitsine@gmail.com> Sat Nov 14 01:56:34 2020 +0500
committer: William Lallemand <wlallemand@haproxy.org> Thu Nov 19 19:59:32 2020 +0100
tree: 72c03e826b88f581089bfa809c0ea58fa0beb34c
parent: f69cd6873756510e6e4ef82624c16719da6f2c80 [diff]
diff --git a/src/cfgparse-ssl.c b/src/cfgparse-ssl.c
index bc61489..0d7c7c3 100644
--- a/src/cfgparse-ssl.c
+++ b/src/cfgparse-ssl.c

@@ -125,7 +125,7 @@
                                        struct proxy *defpx, const char *file, int line,
                                        char **err)
 {
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
+#ifdef SSL_MODE_ASYNC
 	global_ssl.async = 1;
 	global.ssl_used_async_engines = nb_engines;
 	return 0;

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index d6d0487..a831a3b 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c

@@ -702,7 +702,7 @@
 }
 #endif
 
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
+#ifdef SSL_MODE_ASYNC
 /*
  * openssl async fd handler
  */
@@ -3674,7 +3674,7 @@
 
 	SSL_CTX_set_options(ctx, options);
 
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
+#ifdef SSL_MODE_ASYNC
 	if (global_ssl.async)
 		mode |= SSL_MODE_ASYNC;
 #endif
@@ -4525,7 +4525,7 @@
 		options |= SSL_OP_NO_TICKET;
 	SSL_CTX_set_options(ctx, options);
 
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
+#ifdef SSL_MODE_ASYNC
 	if (global_ssl.async)
 		mode |= SSL_MODE_ASYNC;
 #endif
@@ -5215,7 +5215,7 @@
 					ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_RECV, &ctx->wait_event);
 				return 0;
 			}
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
+#ifdef SSL_MODE_ASYNC
 			else if (ret == SSL_ERROR_WANT_ASYNC) {
 				ssl_async_process_fds(ctx);
 				return 0;
@@ -5299,7 +5299,7 @@
 				    SUB_RETRY_RECV, &ctx->wait_event);
 			return 0;
 		}
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
+#ifdef SSL_MODE_ASYNC
 		else if (ret == SSL_ERROR_WANT_ASYNC) {
 			ssl_async_process_fds(ctx);
 			return 0;
@@ -5380,7 +5380,7 @@
 
 reneg_ok:
 
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
+#ifdef SSL_MODE_ASYNC
 	/* ASYNC engine API doesn't support moving read/write
 	 * buffers. So we disable ASYNC mode right after
 	 * the handshake to avoid buffer overflow.
@@ -5684,7 +5684,7 @@
 				/* handshake is running, and it needs to enable write */
 				conn->flags |= CO_FL_SSL_WAIT_HS;
 				ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_SEND, &ctx->wait_event);
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
+#ifdef SSL_MODE_ASYNC
 				/* Async mode can be re-enabled, because we're leaving data state.*/
 				if (global_ssl.async)
 					SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
@@ -5698,7 +5698,7 @@
 							     &ctx->wait_event);
 					/* handshake is running, and it may need to re-enable read */
 					conn->flags |= CO_FL_SSL_WAIT_HS;
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
+#ifdef SSL_MODE_ASYNC
 					/* Async mode can be re-enabled, because we're leaving data state.*/
 					if (global_ssl.async)
 						SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
@@ -5846,7 +5846,7 @@
 					/* handshake is running, and it may need to re-enable write */
 					conn->flags |= CO_FL_SSL_WAIT_HS;
 					ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_SEND, &ctx->wait_event);
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
+#ifdef SSL_MODE_ASYNC
 					/* Async mode can be re-enabled, because we're leaving data state.*/
 					if (global_ssl.async)
 						SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
@@ -5862,7 +5862,7 @@
 				ctx->xprt->subscribe(conn, ctx->xprt_ctx,
 				                     SUB_RETRY_RECV,
 						     &ctx->wait_event);
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
+#ifdef SSL_MODE_ASYNC
 				/* Async mode can be re-enabled, because we're leaving data state.*/
 				if (global_ssl.async)
 					SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
@@ -5901,7 +5901,7 @@
 
 		if (ctx->xprt->close)
 			ctx->xprt->close(conn, ctx->xprt_ctx);
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
+#ifdef SSL_MODE_ASYNC
 		if (global_ssl.async) {
 			OSSL_ASYNC_FD all_fd[32], afd;
 			size_t num_all_fds = 0;

diff --git a/src/tools.c b/src/tools.c
index 75dfef1..1f6c2b9 100644
--- a/src/tools.c
+++ b/src/tools.c

@@ -4593,7 +4593,7 @@
 #ifdef USE_LUA
 		{ .func = hlua_process_task, .name = "hlua_process_task" },
 #endif
-#if defined(USE_OPENSSL) && (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
+#ifdef SSL_MODE_ASYNC
 		{ .func = ssl_async_fd_free, .name = "ssl_async_fd_free" },
 		{ .func = ssl_async_fd_handler, .name = "ssl_async_fd_handler" },
 #endif
commit	bdec3ba79668ff78ee882fbf77d219313fc358ff	[log] [tgz]
author	Ilya Shipitsin <chipitsine@gmail.com>	Sat Nov 14 01:56:34 2020 +0500
committer	William Lallemand <wlallemand@haproxy.org>	Thu Nov 19 19:59:32 2020 +0100
tree	72c03e826b88f581089bfa809c0ea58fa0beb34c
parent	f69cd6873756510e6e4ef82624c16719da6f2c80 [diff]