> On 04 Jul 2017, at 11:04, Willy Tarreau <w...@1wt.eu> wrote:
>
> Hi Dmitry,
>
> [CCing Bernard, the patch's author]
>
> On Mon, Jul 03, 2017 at 12:34:52AM +0300, Dmitry Sivachenko wrote:
>> Hello,
>>
>> can you please take a look at proposed patch to fix build of haproxy with
>> recent version of LibreSSL?
>>
>> https://www.mail-archive.com/haproxy@formilux.org/msg25819.html
>
> I personally have no opinion on this one, as long as it doesn't break the
> build for other versions. Do you see the problem on your FreeBSD builds ?
> Do you know if the patch applies to 1.8 (it was mangled so I didn't try).
> We could relatively easily apply Bernard's patch as his description can
> be used as a commit message.
On FreeBSD it does fix a build (though new warning appear which I can't explain
because of the lack of SSL knowledge):
src/ssl_sock.c:803:2: warning: incompatible integer to pointer conversion
assigning to 'void (*)(void)' from 'long' [-Wint-conversion]
SSL_CTX_get_tlsext_status_cb(ctx, &callback);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/ssl_sock.c:801:6: note: expanded from macro 'SSL_CTX_get_tlsext_status_cb'
...= SSL_CTX_ctrl(ctx,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB,0, (void (**)(void))cb)
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
The patch was taken form OpenBSD, so in general it should be fine.
Review from some SSL-aware guys on your side would be nice.
