From c69be7cd3c7914808e73477704fb86486ea82cb6 Mon Sep 17 00:00:00 2001
From: Remi Tricot-Le Breton <rlebreton@haproxy.com>
Date: Wed, 20 Apr 2022 18:30:17 +0200
Subject: [PATCH] BUILD: ssl: Fix compilation with OpenSSL 1.0.2

The DH parameters used for OpenSSL versions 1.1.1 and earlier where
changed. For OpenSSL 1.0.2 and LibreSSL the newly introduced
ssl_get_dh_by_nid function is not used since we keep the original
parameters.
---
 src/ssl_sock.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 145ccb3fb..a7f232e4f 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -2954,6 +2954,7 @@ end:
 #endif
 }
 
+#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
 static inline HASSL_DH *ssl_get_dh_by_nid(int nid)
 {
 #if (HA_OPENSSL_VERSION_NUMBER >= 0x3000000fL)
@@ -2982,12 +2983,11 @@ end:
 #else
 
 	HASSL_DH *dh = NULL;
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
 	dh = DH_new_by_nid(nid);
-#endif
 	return dh;
 #endif
 }
+#endif
 
 
 static HASSL_DH * ssl_get_dh_1024(void)