5 #include <netinet/tcp.h>
7 +#include <openssl/bn.h>
8 #include <openssl/crypto.h>
9 #include <openssl/ssl.h>
10 #include <openssl/x509.h>
12 #include <openssl/async.h>
15 +#ifndef OPENSSL_VERSION
16 +#define OPENSSL_VERSION SSLEAY_VERSION
17 +#define OpenSSL_version(x) SSLeay_version(x)
18 +#define OpenSSL_version_num SSLeay
21 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
22 +#define X509_getm_notBefore X509_get_notBefore
23 +#define X509_getm_notAfter X509_get_notAfter
26 #include <import/lru.h>
27 #include <import/xxhash.h>
29 @@ -217,7 +229,7 @@ static struct {
30 .capture_cipherlist = 0,
34 +#if defined(USE_THREAD) && (OPENSSL_VERSION_NUMBER < 0x10100000L)
36 static HA_RWLOCK_T *ssl_rwlocks;
38 @@ -1716,8 +1728,8 @@ ssl_sock_do_create_cert(const char *servername, struct bind_conf *bind_conf, SSL
39 ASN1_INTEGER_set(X509_get_serialNumber(newcrt), HA_ATOMIC_ADD(&ssl_ctx_serial, 1));
41 /* Set duration for the certificate */
42 - if (!X509_gmtime_adj(X509_get_notBefore(newcrt), (long)-60*60*24) ||
43 - !X509_gmtime_adj(X509_get_notAfter(newcrt),(long)60*60*24*365))
44 + if (!X509_gmtime_adj(X509_getm_notBefore(newcrt), (long)-60*60*24) ||
45 + !X509_gmtime_adj(X509_getm_notAfter(newcrt),(long)60*60*24*365))
48 /* set public key in the certificate */
49 @@ -6387,7 +6399,7 @@ smp_fetch_ssl_x_notafter(const struct arg *args, struct sample *smp, const char
52 smp_trash = get_trash_chunk();
53 - if (ssl_sock_get_time(X509_get_notAfter(crt), smp_trash) <= 0)
54 + if (ssl_sock_get_time(X509_getm_notAfter(crt), smp_trash) <= 0)
57 smp->data.u.str = *smp_trash;
58 @@ -6487,7 +6499,7 @@ smp_fetch_ssl_x_notbefore(const struct a
61 smp_trash = get_trash_chunk();
62 - if (ssl_sock_get_time(X509_get_notBefore(crt), smp_trash) <= 0)
63 + if (ssl_sock_get_time(X509_getm_notBefore(crt), smp_trash) <= 0)
66 smp->data.u.str = *smp_trash;
67 @@ -9068,7 +9080,9 @@ static void __ssl_sock_init(void)
70 xprt_register(XPRT_SSL, &ssl_sock);
71 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
74 #if (!defined(OPENSSL_NO_COMP) && !defined(SSL_OP_NO_COMPRESSION))
75 cm = SSL_COMP_get_compression_methods();
76 i = sk_SSL_COMP_num(cm);
77 @@ -9077,7 +9091,7 @@ static void __ssl_sock_init(void)
82 +#if defined(USE_THREAD) && (OPENSSL_VERSION_NUMBER < 0x10100000L)
85 #if (OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL && !defined LIBRESSL_VERSION_NUMBER)
86 @@ -9106,8 +9120,8 @@ static void __ssl_sock_init(void)
87 #else /* OPENSSL_IS_BORINGSSL */
89 "\nRunning on OpenSSL version : %s%s",
90 - SSLeay_version(SSLEAY_VERSION),
91 - ((OPENSSL_VERSION_NUMBER ^ SSLeay()) >> 8) ? " (VERSIONS DIFFER!)" : "");
92 + OpenSSL_version(OPENSSL_VERSION),
93 + ((OPENSSL_VERSION_NUMBER ^ OpenSSL_version_num()) >> 8) ? " (VERSIONS DIFFER!)" : "");
95 memprintf(&ptr, "%s\nOpenSSL library supports TLS extensions : "
96 #if OPENSSL_VERSION_NUMBER < 0x00907000L
97 @@ -9198,12 +9212,14 @@ static void __ssl_sock_deinit(void)
101 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
108 -#if OPENSSL_VERSION_NUMBER >= 0x00907000L
109 +#if OPENSSL_VERSION_NUMBER >= 0x00907000L && OPENSSL_VERSION_NUMBER < 0x10100000L
110 CRYPTO_cleanup_all_ex_data();