BUILD: ssl: kill a build warning introduced by BoringSSL compatibility

A recent patch to support BoringSSL caused this warning to appear on OpenSSL 1.1.0 : src/ssl_sock.c:3062:4: warning: statement with no effect [-Wunused-value] It's caused by SSL_CTX_set_ecdh_auto() which is now only a macro testing that the last argument is zero, and the result is not used here. Let's just kill it for both versions. Tested with 0.9.8, 1.0.0, 1.0.1, 1.0.2, 1.1.0. This fix may be backported to 1.7 if the boringssl fix is as well.
2025-03-24 11:56:48 +00:00 · 2017-01-19 17:25:20 +01:00 · 2017-01-19 17:25:20 +01:00 · e3e326d9f0
commit e3e326d9f0
parent 77d88da7e1
2 changed files with 6 additions and 2 deletions
--- a/include/proto/openssl-compat.h
+++ b/include/proto/openssl-compat.h
@ -182,4 +182,10 @@ static inline int EVP_PKEY_base_id(EVP_PKEY *pkey)
 #define RAND_pseudo_bytes(x,y) RAND_bytes(x,y)
 #endif

+/* This function does nothing in 1.1.0 and doesn't exist in boringssl */
+#if defined(OPENSSL_IS_BORINGSSL) || (OPENSSL_VERSION_NUMBER >= 0x1010000fL)
+#undef  SSL_CTX_set_ecdh_auto
+#define SSL_CTX_set_ecdh_auto(ctx, onoff)
+#endif
+
 #endif /* _PROTO_OPENSSL_COMPAT_H */
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@ -3057,10 +3057,8 @@ int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_
 			      curproxy->id, conf_curves, bind_conf->arg, bind_conf->file, bind_conf->line);
 			cfgerr++;
 		}
-#ifndef OPENSSL_IS_BORINGSSL
 		else
 			SSL_CTX_set_ecdh_auto(ctx, 1);
-#endif
 	}
 #endif
 #if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)