BUILD: ssl: introduce fine guard for ssl random extraction functions

SSL_get_{client,server}_random are supported in OpenSSL-1.1.0, BoringSSL, LibreSSL-2.7.0 let us introduce HAVE_SSL_EXTRACT_RANDOM for that purpose
2025-01-30 10:06:43 +00:00 · 2021-03-25 00:41:41 +05:00 · 2021-03-25 00:41:41 +05:00 · df627943a4
commit df627943a4
parent bc2c386992
2 changed files with 7 additions and 3 deletions
--- a/include/haproxy/openssl-compat.h
+++ b/include/haproxy/openssl-compat.h
@ -41,6 +41,10 @@
 #define OpenSSL_version_num     SSLeay
 #endif

+#if (LIBRESSL_VERSION_NUMBER >= 0x2070100fL) || defined(OPENSSL_IS_BORINGSSL) || (!defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L))
+#define HAVE_SSL_EXTRACT_RANDOM
+#endif
+
 #if ((OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(OPENSSL_IS_BORINGSSL) && !defined(LIBRESSL_VERSION_NUMBER))
 #define HAVE_SSL_RAND_KEEP_RANDOM_DEVICES_OPEN
 #endif
--- a/src/ssl_sample.c
+++ b/src/ssl_sample.c
@ -1029,7 +1029,7 @@ smp_fetch_ssl_fc_session_id(const struct arg *args, struct sample *smp, const ch
 #endif


-#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
+#ifdef HAVE_SSL_EXTRACT_RANDOM
 static int
 smp_fetch_ssl_fc_random(const struct arg *args, struct sample *smp, const char *kw, void *private)
 {
@ -1462,7 +1462,7 @@ static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
 #if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
 	{ "ssl_bc_session_id",      smp_fetch_ssl_fc_session_id,  0,                   NULL,    SMP_T_BIN,  SMP_USE_L5SRV },
 #endif
-#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
+#ifdef HAVE_SSL_EXTRACT_RANDOM
 	{ "ssl_bc_client_random",   smp_fetch_ssl_fc_random,      0,                   NULL,    SMP_T_BIN,  SMP_USE_L5SRV },
 	{ "ssl_bc_server_random",   smp_fetch_ssl_fc_random,      0,                   NULL,    SMP_T_BIN,  SMP_USE_L5SRV },
 	{ "ssl_bc_session_key",     smp_fetch_ssl_fc_session_key, 0,                   NULL,    SMP_T_BIN,  SMP_USE_L5SRV },
@ -1514,7 +1514,7 @@ static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
 #if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
 	{ "ssl_fc_session_id",      smp_fetch_ssl_fc_session_id,  0,                   NULL,    SMP_T_BIN,  SMP_USE_L5CLI },
 #endif
-#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
+#ifdef HAVE_SSL_EXTRACT_RANDOM
 	{ "ssl_fc_client_random",   smp_fetch_ssl_fc_random,      0,                   NULL,    SMP_T_BIN,  SMP_USE_L5CLI },
 	{ "ssl_fc_server_random",   smp_fetch_ssl_fc_random,      0,                   NULL,    SMP_T_BIN,  SMP_USE_L5CLI },
 	{ "ssl_fc_session_key",     smp_fetch_ssl_fc_session_key, 0,                   NULL,    SMP_T_BIN,  SMP_USE_L5CLI },