You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
43 lines
1.5 KiB
43 lines
1.5 KiB
commit 8c2e3b35a951c41b80efe4c3368d1244bab2bea4
|
|
Author: Emeric Brun <ebrun@haproxy.com>
|
|
Date: Thu Aug 16 11:36:40 2018 +0200
|
|
|
|
BUG/MINOR: ssl: empty connections reported as errors.
|
|
|
|
Empty connection is reported as handshake error
|
|
even if dont-log-null is specified.
|
|
|
|
This bug affect is a regression du to:
|
|
|
|
BUILD: ssl: fix to build (again) with boringssl
|
|
|
|
New openssl 1.1.1 defines OPENSSL_NO_HEARTBEATS as boring ssl
|
|
so the test was replaced by OPENSSL_IS_BORINGSSL
|
|
|
|
This fix should be backported on 1.8
|
|
|
|
(cherry picked from commit 77e8919fc6f382f3a7facdc814b8618b8987200f)
|
|
Signed-off-by: Willy Tarreau <w@1wt.eu>
|
|
|
|
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
|
|
index 7edfb799..49389f01 100644
|
|
--- a/src/ssl_sock.c
|
|
+++ b/src/ssl_sock.c
|
|
@@ -5121,7 +5121,7 @@ int ssl_sock_handshake(struct connection *conn, unsigned int flag)
|
|
if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
|
|
conn->flags &= ~CO_FL_WAIT_L4_CONN;
|
|
if (!conn->err_code) {
|
|
-#ifdef OPENSSL_NO_HEARTBEATS /* BoringSSL */
|
|
+#ifdef OPENSSL_IS_BORINGSSL /* BoringSSL */
|
|
conn->err_code = CO_ER_SSL_HANDSHAKE;
|
|
#else
|
|
int empty_handshake;
|
|
@@ -5205,7 +5205,7 @@ check_error:
|
|
if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
|
|
conn->flags &= ~CO_FL_WAIT_L4_CONN;
|
|
if (!conn->err_code) {
|
|
-#ifdef OPENSSL_NO_HEARTBEATS /* BoringSSL */
|
|
+#ifdef OPENSSL_IS_BORINGSSL /* BoringSSL */
|
|
conn->err_code = CO_ER_SSL_HANDSHAKE;
|
|
#else
|
|
int empty_handshake;
|