From decb7c90dfbd90c53f6e098d783daa701699c64c Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Tue, 28 May 2024 19:16:18 +0200 Subject: [PATCH] CLEANUP: ssl_sock: move dirty openssl-1.0.2 wrapper to openssl-compat Valentine noticed this ugly SSL_CTX_get_tlsext_status_cb() macro definition inside ssl_sock.c that is dedicated to openssl-1.0.2 only. It would be better placed in openssl-compat.h, which is what this patch does. It also addresses a missing pair of parenthesis and removes an invalid extra semicolon. --- include/haproxy/openssl-compat.h | 5 +++++ src/ssl_sock.c | 4 ---- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/include/haproxy/openssl-compat.h b/include/haproxy/openssl-compat.h index 3dc916d3f..d145fb485 100644 --- a/include/haproxy/openssl-compat.h +++ b/include/haproxy/openssl-compat.h @@ -506,5 +506,10 @@ static inline unsigned long ERR_peek_error_func(const char **func) #define SSL_CTX_set1_sigalgs_list SSL_CTX_set1_sigalgs_list #endif +#ifndef SSL_CTX_get_tlsext_status_cb +# define SSL_CTX_get_tlsext_status_cb(ctx, cb) \ + *(cb) = (void (*) (void))ctx->tlsext_status_cb +#endif + #endif /* USE_OPENSSL */ #endif /* _HAPROXY_OPENSSL_COMPAT_H */ diff --git a/src/ssl_sock.c b/src/ssl_sock.c index a907f595d..e6bf3ff17 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -1185,10 +1185,6 @@ static int ssl_sock_load_ocsp(const char *path, SSL_CTX *ctx, struct ckch_store if (iocsp == ocsp) ocsp = NULL; -#ifndef SSL_CTX_get_tlsext_status_cb -# define SSL_CTX_get_tlsext_status_cb(ctx, cb) \ - *cb = (void (*) (void))ctx->tlsext_status_cb; -#endif SSL_CTX_get_tlsext_status_cb(ctx, &callback); if (inc_refcount_store)