BUG/MINOR: ssl: SSL_load_error_strings might not be defined

The SSL_load_error_strings function was marked as deprecated in OpenSSL 1.1.0 so compiling HAProxy with OPENSSL_NO_DEPRECATED set and a recent OpenSSL library would fail. The manpages say that this function was replaced by OPENSSL_init_crypto and OPENSSL_init_ssl which are already called at start up by the SSL lib. We do not seem to be in a case where explicit call of those functions is required. This patch fixes GitHub issue #1813. It can be backported to 2.6.
2025-09-21 22:01:31 +02:00 · 2022-09-15 16:22:57 +02:00 · 2022-09-15 16:22:57 +02:00 · e608b0eb16
commit e608b0eb16
parent 52fd8a1b7b
1 changed files with 6 additions and 1 deletions
--- a/src/haproxy.c
+++ b/src/haproxy.c
@ -2277,8 +2277,13 @@ static void init(int argc, char **argv)
 	}

 #ifdef USE_OPENSSL
-	/* Initialize the error strings of OpenSSL */
+#if (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
+	/* Initialize the error strings of OpenSSL
+	 * It only needs to be done explicitely with older versions of the SSL
+	 * library. On newer versions, errors strings are loaded during start
+	 * up. */
 	SSL_load_error_strings();
+#endif

 	/* Initialize SSL random generator. Must be called before chroot for
 	 * access to /dev/urandom, and before ha_random_boot() which may use