upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-05-21 09:25:29 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 12

BUG/MINOR: jws: fix OpenSSL 3.0 version check from > to >=

Browse source 
Three #if directives used > 0x30000000L which excluded OpenSSL 3.0.0
exactly from the modern code path, treating it as pre-3.0. Changed all
three to >= 0x30000000L to match jwe.c and openssl-compat.h conventions.

This affects EC key thumbprint generation, RSA JWK generation, and
JWS algorithm detection for OpenSSL 3.0.0.
This commit is contained in:
Willy Tarreau 2026-04-29 10:02:56 +02:00
parent 0284be5456
commit 307294b30a
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/jws.c
View file

@ -54,7 +54,7 @@ static size_t EVP_PKEY_EC_to_pub_jwk(EVP_PKEY *pkey, char *dst, size_t dsize)
int ret = 0;
const char *crv = NULL;
#if HA_OPENSSL_VERSION_NUMBER > 0x30000000L
#if HA_OPENSSL_VERSION_NUMBER >= 0x30000000L
char curve[32] = {};
size_t curvelen;
int nid;
@ -144,7 +144,7 @@ static size_t EVP_PKEY_RSA_to_pub_jwk(EVP_PKEY *pkey, char *dst, size_t dsize)
struct buffer *str_n = NULL, *str_e = NULL;
int ret = 0;
#if HA_OPENSSL_VERSION_NUMBER > 0x30000000L
#if HA_OPENSSL_VERSION_NUMBER >= 0x30000000L
if ((EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_N, &n)) == 0)
goto out;
@ -292,7 +292,7 @@ enum jwt_alg EVP_PKEY_to_jws_alg(EVP_PKEY *pkey)
enum jwt_alg alg = JWS_ALG_NONE;
if (EVP_PKEY_base_id(pkey) == EVP_PKEY_EC) {
#if HA_OPENSSL_VERSION_NUMBER > 0x30000000L
#if HA_OPENSSL_VERSION_NUMBER >= 0x30000000L
char curve[32] = {};
size_t curvelen;
int nid;