BUG/MINOR: ssl: SSL_load_error_strings might not be defined The SSL_load_error_strings function was marked as deprecated in OpenSSL 1.1.0 so compiling HAProxy with OPENSSL_NO_DEPRECATED set and a recent OpenSSL library would fail. The manpages say that this function was replaced by OPENSSL_init_crypto and OPENSSL_init_ssl which are already called at start up by the SSL lib. We do not seem to be in a case where explicit call of those functions is required. This patch fixes GitHub issue #1813. It can be backported to 2.6.

commit: e608b0eb1699be68e8c9fe95fec037eeeecedb4a [log] [tgz]
author: Remi Tricot-Le Breton <rlebreton@haproxy.com> Thu Sep 15 16:22:57 2022 +0200
committer: William Lallemand <wlallemand@haproxy.org> Wed Nov 16 11:09:33 2022 +0100
tree: 8e58e71c66632ab6a17c9a5e1ecefd1b910f707a
parent: 52fd8a1b7b8a5a328cb5f4fabd42d2ca7af78760 [diff] [blame]
diff --git a/src/haproxy.c b/src/haproxy.c
index 9f5e75f..a4916cf 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c

@@ -2277,8 +2277,13 @@
 	}
 
 #ifdef USE_OPENSSL
-	/* Initialize the error strings of OpenSSL */
+#if (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
+	/* Initialize the error strings of OpenSSL
+	 * It only needs to be done explicitely with older versions of the SSL
+	 * library. On newer versions, errors strings are loaded during start
+	 * up. */
 	SSL_load_error_strings();
+#endif
 
 	/* Initialize SSL random generator. Must be called before chroot for
 	 * access to /dev/urandom, and before ha_random_boot() which may use
commit	e608b0eb1699be68e8c9fe95fec037eeeecedb4a	[log] [tgz]
author	Remi Tricot-Le Breton <rlebreton@haproxy.com>	Thu Sep 15 16:22:57 2022 +0200
committer	William Lallemand <wlallemand@haproxy.org>	Wed Nov 16 11:09:33 2022 +0100
tree	8e58e71c66632ab6a17c9a5e1ecefd1b910f707a
parent	52fd8a1b7b8a5a328cb5f4fabd42d2ca7af78760 [diff] [blame]