> On 2014/12/09 07:37, Brent Cook wrote: >> If an app calls a function, it should probably check if that function >> exists during configuration time, rather than inferring if define A >> exists, function B and C must exist. Especially things that are just >> protocol constant definitions. If they are using autoconf, a call to >> AC_CHECK_FUNCS would be better, IMHO. > > Neither nginx nor haproxy use autoconf. nginx has it's own config > testing infrastructure where this could be added, though they appear > to be deliberately trying to keep the maze of #ifdef and configuration > tests to a minimum. haproxy has a simple Makefile with USE_* flags > set for different system types, it's quite clean and straightforward > but doesn't allow for this type of test.
Thats correct indeed. I believe a not to be underestimated amount of applications #ifdef's certain functionality of openssl out, for example NPN (SSL_CTRL_SET_TLSEXT_HOSTNAME) or server preferential cipher ordering (SSL_OP_CIPHER_SERVER_PREFERENCE). In fact if I'm not mistaken that is exactly the reason why both LibreSSL [1] and BoringSSL [2] have "opensslfeatures.h". > But, I believe jsing@ has a patch in-review to merge the rest ALPN > support any way. Great, thanks! [1] https://github.com/libressl-portable/openbsd/blob/master/src/lib/libssl/src/crypto/opensslfeatures.h [2] https://boringssl.googlesource.com/boringssl/+/987b8f1e715414b0b278a4a0c64ec9c97ad65f58%5E!/
