BUILD: ssl: simplify SSL_CTX_set_ecdh_auto compatibility

SSL_CTX_set_ecdh_auto is declared (when present) with #define. A simple #ifdef avoid to list all cases of ssllibs. It's a placebo in new ssllibs. It's ok with openssl 1.0.1, 1.0.2, 1.1.0, libressl and boringssl. Thanks to Piotr Kubaj for postponing and testing with libressl.
2025-08-07 15:47:01 +02:00 · 2017-03-20 11:11:49 +01:00 · 2017-03-20 11:11:49 +01:00 · a52bb15cc7
commit a52bb15cc7
parent 00f55524e0
2 changed files with 3 additions and 8 deletions
--- a/include/proto/openssl-compat.h
+++ b/include/proto/openssl-compat.h
@ -182,10 +182,4 @@ static inline int EVP_PKEY_base_id(EVP_PKEY *pkey)
 #define RAND_pseudo_bytes(x,y) RAND_bytes(x,y)
 #endif

-/* This function does nothing in 1.1.0 and doesn't exist in boringssl */
-#if defined(OPENSSL_IS_BORINGSSL) || (OPENSSL_VERSION_NUMBER >= 0x1010000fL)
-#undef  SSL_CTX_set_ecdh_auto
-#define SSL_CTX_set_ecdh_auto(ctx, onoff)
-#endif
-
 #endif /* _PROTO_OPENSSL_COMPAT_H */
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@ -3402,8 +3402,9 @@ int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_
 			      curproxy->id, conf_curves, bind_conf->arg, bind_conf->file, bind_conf->line);
 			cfgerr++;
 		}
-		else
-			SSL_CTX_set_ecdh_auto(ctx, 1);
+#if defined(SSL_CTX_set_ecdh_auto)
+		(void)SSL_CTX_set_ecdh_auto(ctx, 1);
+#endif
 	}
 #endif
 #if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)