Hello, yet another patch that reduces number of HA_OPENSSL_VERSION use
Ilya
From 6a33427cf8dce1fbde37f4ad2056c2012d8968e4 Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin <[email protected]> Date: Sun, 21 Mar 2021 12:50:47 +0500 Subject: [PATCH] BUILD: ssl: guard ecdh functions with SSL_CTX_set_tmp_ecdh macro let us use feature macro SSL_CTX_set_tmp_ecdh instead of comparing openssl version --- src/cfgparse-ssl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cfgparse-ssl.c b/src/cfgparse-ssl.c index 4f05ce1c5..e7647b48b 100644 --- a/src/cfgparse-ssl.c +++ b/src/cfgparse-ssl.c @@ -722,7 +722,7 @@ static int bind_parse_curves(char **args, int cur_arg, struct proxy *px, struct /* parse the "ecdhe" bind keyword keyword */ static int ssl_bind_parse_ecdhe(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err) { -#if HA_OPENSSL_VERSION_NUMBER < 0x0090800fL +#if !defined(SSL_CTX_set_tmp_ecdh) memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (too old)", args[cur_arg]); return ERR_ALERT | ERR_FATAL; #elif defined(OPENSSL_NO_ECDH) -- 2.29.2

