BUILD: SSL: introduce fine guard for RAND_keep_random_devices_open

RAND_keep_random_devices_open is OpenSSL specific function, not
implemented in LibreSSL and BoringSSL. Let us define guard
HAVE_SSL_RAND_KEEP_RANDOM_DEVICES_OPEN in include/haproxy/openssl-compat.h
That guard does not depend anymore on HA_OPENSSL_VERSION
This commit is contained in:
Ilya Shipitsin 2021-02-19 23:42:53 +05:00 committed by William Lallemand
parent 31dd393da0
commit 98a9e1b873
2 changed files with 5 additions and 1 deletions

View File

@ -41,6 +41,10 @@
#define OpenSSL_version_num SSLeay #define OpenSSL_version_num SSLeay
#endif #endif
#if ((OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(OPENSSL_IS_BORINGSSL) && !defined(LIBRESSL_VERSION_NUMBER))
#define HAVE_SSL_RAND_KEEP_RANDOM_DEVICES_OPEN
#endif
#if ((OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(LIBRESSL_VERSION_NUMBER) && !defined(OPENSSL_IS_BORINGSSL)) #if ((OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(LIBRESSL_VERSION_NUMBER) && !defined(OPENSSL_IS_BORINGSSL))
#define HAVE_SSL_CTX_SET_CIPHERSUITES #define HAVE_SSL_CTX_SET_CIPHERSUITES
#endif #endif

View File

@ -782,7 +782,7 @@ void mworker_reload()
if (fdtab) if (fdtab)
deinit_pollers(); deinit_pollers();
} }
#if defined(USE_OPENSSL) && (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(OPENSSL_IS_BORINGSSL) #ifdef HAVE_SSL_RAND_KEEP_RANDOM_DEVICES_OPEN
/* close random device FDs */ /* close random device FDs */
RAND_keep_random_devices_open(0); RAND_keep_random_devices_open(0);
#endif #endif