You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
48 lines
1.5 KiB
48 lines
1.5 KiB
From 214736dce643ce3ee257da017373e88cc19d2d3b Mon Sep 17 00:00:00 2001
|
|
From: Frediano Ziglio <fziglio@redhat.com>
|
|
Date: Thu, 20 Jun 2019 13:26:11 +0100
|
|
Subject: [PATCH] reds: Fix SSL_CTX_set_ecdh_auto call for some old OpenSSL
|
|
|
|
SSL_CTX_set_ecdh_auto is not defined in some old versions of OpenSSL
|
|
|
|
Signed-off-by: Frediano Ziglio <fziglio@redhat.com>
|
|
Acked-by: Jeremy White <jwhite@codeweavers.com>
|
|
---
|
|
configure.ac | 9 +++++++++
|
|
server/reds.c | 2 ++
|
|
2 files changed, 11 insertions(+)
|
|
|
|
diff --git a/configure.ac b/configure.ac
|
|
index e12d7e85..49c009d4 100644
|
|
--- a/configure.ac
|
|
+++ b/configure.ac
|
|
@@ -209,6 +209,15 @@ AC_SUBST(SSL_CFLAGS)
|
|
AC_SUBST(SSL_LIBS)
|
|
AS_VAR_APPEND([SPICE_REQUIRES], [" openssl"])
|
|
|
|
+save_CFLAGS="$CFLAGS"
|
|
+CFLAGS="$CFLAGS $SSL_CFLAGS"
|
|
+AC_CHECK_DECLS([SSL_CTX_set_ecdh_auto], [], [], [
|
|
+AC_INCLUDES_DEFAULT
|
|
+#include <openssl/err.h>
|
|
+#include <openssl/ssl.h>
|
|
+])
|
|
+CFLAGS="$save_CFLAGS"
|
|
+
|
|
AC_CHECK_LIB(jpeg, jpeg_destroy_decompress,
|
|
AC_MSG_CHECKING([for jpeglib.h])
|
|
AC_TRY_CPP(
|
|
diff --git a/server/reds.c b/server/reds.c
|
|
index 792e9838..b4061fbc 100644
|
|
--- a/server/reds.c
|
|
+++ b/server/reds.c
|
|
@@ -2937,7 +2937,9 @@ static int reds_init_ssl(RedsState *reds)
|
|
}
|
|
|
|
SSL_CTX_set_options(reds->ctx, ssl_options);
|
|
+#if HAVE_DECL_SSL_CTX_SET_ECDH_AUTO || defined(SSL_CTX_set_ecdh_auto)
|
|
SSL_CTX_set_ecdh_auto(reds->ctx, 1);
|
|
+#endif
|
|
|
|
/* Load our keys and certificates*/
|
|
return_code = SSL_CTX_use_certificate_chain_file(reds->ctx, reds->config->ssl_parameters.certs_file);
|