[PATCH] another ssl fine guard (SSL_CTX_get0_privatekey)

2020-12-18 Thread Илья Шипицин 
Hello,

another fine guard.

Ilya
From 8a2b832579bf1426975f05dbe78c4eddaf376e11 Mon Sep 17 00:00:00 2001
From: Ilya Shipitsin 
Date: Sat, 19 Dec 2020 03:12:12 +0500
Subject: [PATCH] BUILD: ssl: fine guard for SSL_CTX_get0_privatekey call

SSL_CTX_get0_privatekey is openssl/boringssl specific function present
since openssl-1.0.2, let us define readable guard for it, not depending
on HA_OPENSSL_VERSION
---
 include/haproxy/openssl-compat.h | 4 
 src/ssl_sock.c   | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/include/haproxy/openssl-compat.h b/include/haproxy/openssl-compat.h
index 564d1ea78..3cba3627f 100644
--- a/include/haproxy/openssl-compat.h
+++ b/include/haproxy/openssl-compat.h
@@ -49,6 +49,10 @@
 #define HAVE_SL_CTX_ADD_SERVER_CUSTOM_EXT
 #endif
 
+#if ((OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER))
+#define HAVE_SSL_CTX_get0_privatekey
+#endif
+
 #if (HA_OPENSSL_VERSION_NUMBER < 0x0090800fL)
 /* Functions present in OpenSSL 0.9.8, older not tested */
 static inline const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *sess, unsigned int *sid_length)
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 9bb1d1cb4..766f200fb 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -1920,7 +1920,7 @@ ssl_sock_do_create_cert(const char *servername, struct bind_conf *bind_conf, SSL
 	int 	  key_type;
 
 	/* Get the private key of the default certificate and use it */
-#if (HA_OPENSSL_VERSION_NUMBER >= 0x10002000L)
+#ifdef HAVE_SSL_CTX_get0_privatekey
 	pkey = SSL_CTX_get0_privatekey(bind_conf->default_ctx);
 #else
 	tmp_ssl = SSL_new(bind_conf->default_ctx);
-- 
2.28.0

Re: [PATCH} suppress "misleading indentation" gcc 11 warning

2020-12-18 Thread Nicolas CARPi 
On 18 Dec, Tim Düsterhus wrote:
> I'm not sure I understand the question correctly, but I assume you mean
> the highlighting due to me directly linking to the lines?
Arf, didn't realize that... Thanks!

~Nico

Re: [PATCH} suppress "misleading indentation" gcc 11 warning

2020-12-18 Thread Tim Düsterhus 
Nicolas,

Am 18.12.20 um 02:13 schrieb Nicolas CARPi:
>> But even then it stomps over stuff like `a_eq_b` in
>> contrib/ip6range/ip6range.c:
> Could you please enlighten me as to why the diff of this function is of a
> different color from the rest? First time I see this.
> 

I'm not sure I understand the question correctly, but I assume you mean
the highlighting due to me directly linking to the lines?

You can select a range of line numbers by clicking the first line,
holding Shift and clicking the second line. The URL bar will
automatically updated to link to the range.

Best regards
Tim Düsterhus