Hi Ilya, On Wed, Nov 27, 2019 at 02:50:18AM +0500, ???? ??????? wrote: > Hello, > > I resolved `CRYPTO_set_id_callback', `ERR_remove_state', > `SSL_CTX_set_ecdh_auto' issues.
Great, thanks! I'm seeing some minor cosmetic details: > @@ -5046,7 +5046,9 @@ int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, > struct ssl_bind_conf *ssl_ > NULL); > > if (ecdhe == NULL) { > +#if defined(SSL_CTX_set_ecdh_auto) > (void)SSL_CTX_set_ecdh_auto(ctx, 1); > +#endif > return cfgerr; > } > #else Here, in order to avoid the pollution caused by too many ifdefs, I'd instead put this into openssl-compat.h: +#if !defined(SSL_CTX_set_ecdh_auto) +#define SSL_CTX_set_ecdh_auto(a,b) 0 +#endif As long as we can keep all such changes limited, we could imagine backporting them, that's great! Thanks, Willy