diff --git a/src/ssl_sock.c b/src/ssl_sock.c index db9d4c119..248db7755 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -6868,10 +6868,10 @@ smp_fetch_ssl_fc_protocol(const struct arg *args, struct sample *smp, const char * This function is also usable on backend conn if the fetch keyword 5th * char is 'b'. */ +#if OPENSSL_VERSION_NUMBER > 0x0090800fL static int smp_fetch_ssl_fc_session_id(const struct arg *args, struct sample *smp, const char *kw, void *private) { -#if OPENSSL_VERSION_NUMBER > 0x0090800fL struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) : smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL; SSL_SESSION *ssl_sess; @@ -6891,15 +6891,14 @@ smp_fetch_ssl_fc_session_id(const struct arg *args, struct sample *smp, const ch return 0; return 1; -#else - return 0; -#endif } +#endif + +#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME static int smp_fetch_ssl_fc_sni(const struct arg *args, struct sample *smp, const char *kw, void *private) { -#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME struct connection *conn; smp->flags = SMP_F_CONST; @@ -6915,10 +6914,8 @@ smp_fetch_ssl_fc_sni(const struct arg *args, struct sample *smp, const char *kw, smp->data.u.str.len = strlen(smp->data.u.str.str); return 1; -#else - return 0; -#endif } +#endif static int smp_fetch_ssl_fc_cl_bin(const struct arg *args, struct sample *smp, const char *kw, void *private) @@ -7011,10 +7008,10 @@ smp_fetch_ssl_fc_cl_str(const struct arg *args, struct sample *smp, const char * #endif } +#if OPENSSL_VERSION_NUMBER > 0x0090800fL static int smp_fetch_ssl_fc_unique_id(const struct arg *args, struct sample *smp, const char *kw, void *private) { -#if OPENSSL_VERSION_NUMBER > 0x0090800fL struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) : smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL; int finished_len; @@ -7043,10 +7040,8 @@ smp_fetch_ssl_fc_unique_id(const struct arg *args, struct sample *smp, const cha smp->data.type = SMP_T_BIN; return 1; -#else - return 0; -#endif } +#endif /* integer, returns the first verify error in CA chain of client certificate chain. */ static int @@ -8642,7 +8637,9 @@ static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, { { "ssl_bc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5SRV }, { "ssl_bc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV }, { "ssl_bc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5SRV }, +#if OPENSSL_VERSION_NUMBER > 0x0090800fL { "ssl_bc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV }, +#endif { "ssl_c_ca_err", smp_fetch_ssl_c_ca_err, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI }, { "ssl_c_ca_err_depth", smp_fetch_ssl_c_ca_err_depth, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI }, { "ssl_c_der", smp_fetch_ssl_x_der, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI }, @@ -8682,10 +8679,16 @@ static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, { { "ssl_fc_alpn", smp_fetch_ssl_fc_alpn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI }, #endif { "ssl_fc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5CLI }, +#if OPENSSL_VERSION_NUMBER > 0x0090800fL { "ssl_fc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI }, +#endif { "ssl_fc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI }, +#if OPENSSL_VERSION_NUMBER > 0x0090800fL { "ssl_fc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI }, +#endif +#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME { "ssl_fc_sni", smp_fetch_ssl_fc_sni, 0, NULL, SMP_T_STR, SMP_USE_L5CLI }, +#endif { "ssl_fc_cipherlist_bin", smp_fetch_ssl_fc_cl_bin, 0, NULL, SMP_T_STR, SMP_USE_L5CLI }, { "ssl_fc_cipherlist_hex", smp_fetch_ssl_fc_cl_hex, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI }, { "ssl_fc_cipherlist_str", smp_fetch_ssl_fc_cl_str, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },