* Mismatch between build time OpenSSL and linked SSL,
* better to die here than segfault later.
*/
-#ifdef ENABLE_OPENSSL_VERSION_CHECK
if (ssl_check_version(mainconfig.allow_vulnerable_openssl) < 0) {
exit(1);
}
#endif
-#endif
/* Load the modules AFTER doing SSL checks */
if (setup_modules(FALSE, mainconfig.config) < 0) {
*
* @return 0 if ok, else -1
*/
-#if defined(HAVE_OPENSSL_CRYPTO_H) && defined(ENABLE_OPENSSL_VERSION_CHECK)
+#ifdef HAVE_OPENSSL_CRYPTO_H
int ssl_check_version(int allow_vulnerable)
{
long ssl_linked;
*/
} else if ((ssl_built & 0xfffff000) != (ssl_linked & 0xfffff000)) goto mismatch;
+# ifdef ENABLE_OPENSSL_VERSION_CHECK
if (!allow_vulnerable) {
/* Check for bad versions */
/* 1.0.1 - 1.0.1f CVE-2014-0160 http://heartbleed.com */
return -1;
}
}
+# endif
return 0;
}