From 214736dce643ce3ee257da017373e88cc19d2d3b Mon Sep 17 00:00:00 2001 From: Frediano Ziglio Date: Thu, 20 Jun 2019 13:26:11 +0100 Subject: [PATCH] reds: Fix SSL_CTX_set_ecdh_auto call for some old OpenSSL SSL_CTX_set_ecdh_auto is not defined in some old versions of OpenSSL Signed-off-by: Frediano Ziglio Acked-by: Jeremy White --- configure.ac | 9 +++++++++ server/reds.c | 2 ++ 2 files changed, 11 insertions(+) diff --git a/configure.ac b/configure.ac index e12d7e85..49c009d4 100644 --- a/configure.ac +++ b/configure.ac @@ -209,6 +209,15 @@ AC_SUBST(SSL_CFLAGS) AC_SUBST(SSL_LIBS) AS_VAR_APPEND([SPICE_REQUIRES], [" openssl"]) +save_CFLAGS="$CFLAGS" +CFLAGS="$CFLAGS $SSL_CFLAGS" +AC_CHECK_DECLS([SSL_CTX_set_ecdh_auto], [], [], [ +AC_INCLUDES_DEFAULT +#include +#include +]) +CFLAGS="$save_CFLAGS" + AC_CHECK_LIB(jpeg, jpeg_destroy_decompress, AC_MSG_CHECKING([for jpeglib.h]) AC_TRY_CPP( diff --git a/server/reds.c b/server/reds.c index 792e9838..b4061fbc 100644 --- a/server/reds.c +++ b/server/reds.c @@ -2937,7 +2937,9 @@ static int reds_init_ssl(RedsState *reds) } SSL_CTX_set_options(reds->ctx, ssl_options); +#if HAVE_DECL_SSL_CTX_SET_ECDH_AUTO || defined(SSL_CTX_set_ecdh_auto) SSL_CTX_set_ecdh_auto(reds->ctx, 1); +#endif /* Load our keys and certificates*/ return_code = SSL_CTX_use_certificate_chain_file(reds->ctx, reds->config->ssl_parameters.certs_file);