openssl: define HAVE_KEYLOG_CALLBACK before use

Before this patch this macro was used in `vtls/openssl.h` without setting it first, causing the `keylog_done` member be present in struct `ossl_ctx` while the code did not use it. Follow-up to 3210101088 #13172 Closes #16105
2025-01-27 23:04:02 +01:00 · 2025-01-27 23:04:02 +01:00 · 8b8ec574bc
commit 8b8ec574bc
parent 1dce2a1746
2 changed files with 13 additions and 12 deletions
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@ -203,18 +203,6 @@
 #define FREE_PKEY_PARAM_BIGNUM(name)
 #endif
 /*
 * Whether SSL_CTX_set_keylog_callback is available.
 * OpenSSL: supported since 1.1.1 https://github.com/openssl/openssl/pull/2287
 * BoringSSL: supported since d28f59c27bac (committed 2015-11-19)
 * LibreSSL: not supported. 3.5.0+ has a stub function that does nothing.
 */
 #if (OPENSSL_VERSION_NUMBER >= 0x10101000L && \
     !defined(LIBRESSL_VERSION_NUMBER)) || \
    defined(OPENSSL_IS_BORINGSSL)
 #define HAVE_KEYLOG_CALLBACK
 #endif
 /* Whether SSL_CTX_set_ciphersuites is available.
 * OpenSSL: supported since 1.1.1 (commit a53b5be6a05)
 * BoringSSL: no
--- a/lib/vtls/openssl.h
+++ b/lib/vtls/openssl.h
@ -31,11 +31,24 @@
 * This header should only be needed to get included by vtls.c, openssl.c
 * and ngtcp2.c
 */
 #include <openssl/opensslv.h>
 #include <openssl/ossl_typ.h>
 #include <openssl/ssl.h>
 #include "urldata.h"
 /*
 * Whether SSL_CTX_set_keylog_callback is available.
 * OpenSSL: supported since 1.1.1 https://github.com/openssl/openssl/pull/2287
 * BoringSSL: supported since d28f59c27bac (committed 2015-11-19)
 * LibreSSL: not supported. 3.5.0+ has a stub function that does nothing.
 */
 #if (OPENSSL_VERSION_NUMBER >= 0x10101000L && \
     !defined(LIBRESSL_VERSION_NUMBER)) || \
    defined(OPENSSL_IS_BORINGSSL)
 #define HAVE_KEYLOG_CALLBACK
 #endif
 struct ssl_peer;
 /* Struct to hold a curl OpenSSL instance */