mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-06 07:07:04 +02:00
Code Issues Projects Releases Wiki Activity

BUILD: ssl: allow to build without the renegotiation API of WolfSSL

Browse Source 
In ticket https://github.com/wolfSSL/wolfssl/issues/6834, it was
suggested to push --enable-haproxy within --enable-distro.

WolfSSL does not want to include the renegotiation support in
--enable-distro.

To achieve this, let haproxy build without SSL_renegotiate_pending()
when wolfssl does not define HAVE_SECURE_RENEGOCIATION or
HAVE_SERVER_RENEGOCIATION_INFO.
This commit is contained in:
William Lallemand 2025-01-28 18:27:31 +01:00
parent 9253146b90
commit c6a8279cdf
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
include/haproxy/openssl-compat.h
View File

@ -417,7 +417,8 @@ static inline unsigned long ERR_peek_error_func(const char **func)
#define SSL_OP_CIPHER_SERVER_PREFERENCE 0
#endif
#ifndef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION /* needs OpenSSL >= 0.9.7 */
/* needs OpenSSL >= 0.9.7 and renegotation options on WolfSSL */
#if !defined(SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION) && !defined(HAVE_SECURE_RENEGOTIATION) && !defined(HAVE_SERVER_RENEGOTIATION_INFO)
#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0
#define SSL_renegotiate_pending(arg) 0
#endif