Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / df627943a456a330be82cc012870ede8f43bd80f^! / .
commitdf627943a456a330be82cc012870ede8f43bd80f[log] [tgz]
authorIlya Shipitsin <chipitsine@gmail.com>Thu Mar 25 00:41:41 2021 +0500
committerWilliam Lallemand <wlallemand@haproxy.org>Fri Mar 26 15:19:07 2021 +0100
tree57576e9b1e214b4a17d6fbf248195c2aba311d87
parentbc2c386992decb1ec8b0096f0b2ffd860e9cd559 [diff]
BUILD: ssl: introduce fine guard for ssl random extraction functions

SSL_get_{client,server}_random are supported in OpenSSL-1.1.0, BoringSSL,
LibreSSL-2.7.0

let us introduce HAVE_SSL_EXTRACT_RANDOM for that purpose

diff --git a/include/haproxy/openssl-compat.h b/include/haproxy/openssl-compat.h
index 396810a..d26decc 100644
--- a/include/haproxy/openssl-compat.h
+++ b/include/haproxy/openssl-compat.h

@@ -41,6 +41,10 @@
 #define OpenSSL_version_num     SSLeay
 #endif
 
+#if (LIBRESSL_VERSION_NUMBER >= 0x2070100fL) || defined(OPENSSL_IS_BORINGSSL) || (!defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L))
+#define HAVE_SSL_EXTRACT_RANDOM
+#endif
+
 #if ((OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(OPENSSL_IS_BORINGSSL) && !defined(LIBRESSL_VERSION_NUMBER))
 #define HAVE_SSL_RAND_KEEP_RANDOM_DEVICES_OPEN
 #endif

diff --git a/src/ssl_sample.c b/src/ssl_sample.c
index e2479f5..4c7d9aa 100644
--- a/src/ssl_sample.c
+++ b/src/ssl_sample.c

@@ -1029,7 +1029,7 @@
 #endif
 
 
-#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
+#ifdef HAVE_SSL_EXTRACT_RANDOM
 static int
 smp_fetch_ssl_fc_random(const struct arg *args, struct sample *smp, const char *kw, void *private)
 {
@@ -1462,7 +1462,7 @@
 #if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
 	{ "ssl_bc_session_id",      smp_fetch_ssl_fc_session_id,  0,                   NULL,    SMP_T_BIN,  SMP_USE_L5SRV },
 #endif
-#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
+#ifdef HAVE_SSL_EXTRACT_RANDOM
 	{ "ssl_bc_client_random",   smp_fetch_ssl_fc_random,      0,                   NULL,    SMP_T_BIN,  SMP_USE_L5SRV },
 	{ "ssl_bc_server_random",   smp_fetch_ssl_fc_random,      0,                   NULL,    SMP_T_BIN,  SMP_USE_L5SRV },
 	{ "ssl_bc_session_key",     smp_fetch_ssl_fc_session_key, 0,                   NULL,    SMP_T_BIN,  SMP_USE_L5SRV },
@@ -1514,7 +1514,7 @@
 #if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
 	{ "ssl_fc_session_id",      smp_fetch_ssl_fc_session_id,  0,                   NULL,    SMP_T_BIN,  SMP_USE_L5CLI },
 #endif
-#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
+#ifdef HAVE_SSL_EXTRACT_RANDOM
 	{ "ssl_fc_client_random",   smp_fetch_ssl_fc_random,      0,                   NULL,    SMP_T_BIN,  SMP_USE_L5CLI },
 	{ "ssl_fc_server_random",   smp_fetch_ssl_fc_random,      0,                   NULL,    SMP_T_BIN,  SMP_USE_L5CLI },
 	{ "ssl_fc_session_key",     smp_fetch_ssl_fc_session_key, 0,                   NULL,    SMP_T_BIN,  SMP_USE_L5CLI },