LibreSSL: Fix build with LibreSSL

The changes needed for OpenSSL 1.1.0 had broken this since LibreSSL is
defining OPENSSL_VERSION_NUMBER in a manner that claims it to be newer
than the current OpenSSL version even though it does not support the
current OpenSSL API.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2016-01-15 14:06:46 +02:00 committed by Jouni Malinen
parent 0daa9f6a13
commit 587b0457e0
2 changed files with 10 additions and 10 deletions

View file

@ -31,7 +31,7 @@
#include "sha384.h" #include "sha384.h"
#include "crypto.h" #include "crypto.h"
#if OPENSSL_VERSION_NUMBER < 0x10100000L #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
/* Compatibility wrapper for older versions. */ /* Compatibility wrapper for older versions. */
static int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx) static int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx)
{ {
@ -73,7 +73,7 @@ static BIGNUM * get_group5_prime(void)
static int openssl_digest_vector(const EVP_MD *type, size_t num_elem, static int openssl_digest_vector(const EVP_MD *type, size_t num_elem,
const u8 *addr[], const size_t *len, u8 *mac) const u8 *addr[], const size_t *len, u8 *mac)
{ {
#if OPENSSL_VERSION_NUMBER >= 0x10100000L #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
EVP_MD_CTX *ctx; EVP_MD_CTX *ctx;
size_t i; size_t i;
unsigned int mac_len; unsigned int mac_len;
@ -733,7 +733,7 @@ void dh5_free(void *ctx)
struct crypto_hash { struct crypto_hash {
#if OPENSSL_VERSION_NUMBER >= 0x10100000L #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
HMAC_CTX *ctx; HMAC_CTX *ctx;
#else #else
HMAC_CTX ctx; HMAC_CTX ctx;
@ -772,7 +772,7 @@ struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key,
ctx = os_zalloc(sizeof(*ctx)); ctx = os_zalloc(sizeof(*ctx));
if (ctx == NULL) if (ctx == NULL)
return NULL; return NULL;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
ctx->ctx = HMAC_CTX_new(); ctx->ctx = HMAC_CTX_new();
if (!ctx->ctx) { if (!ctx->ctx) {
os_free(ctx); os_free(ctx);
@ -801,7 +801,7 @@ void crypto_hash_update(struct crypto_hash *ctx, const u8 *data, size_t len)
{ {
if (ctx == NULL) if (ctx == NULL)
return; return;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
HMAC_Update(ctx->ctx, data, len); HMAC_Update(ctx->ctx, data, len);
#else #else
HMAC_Update(&ctx->ctx, data, len); HMAC_Update(&ctx->ctx, data, len);
@ -818,7 +818,7 @@ int crypto_hash_finish(struct crypto_hash *ctx, u8 *mac, size_t *len)
return -2; return -2;
if (mac == NULL || len == NULL) { if (mac == NULL || len == NULL) {
#if OPENSSL_VERSION_NUMBER >= 0x10100000L #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
HMAC_CTX_free(ctx->ctx); HMAC_CTX_free(ctx->ctx);
#endif #endif
bin_clear_free(ctx, sizeof(*ctx)); bin_clear_free(ctx, sizeof(*ctx));
@ -826,7 +826,7 @@ int crypto_hash_finish(struct crypto_hash *ctx, u8 *mac, size_t *len)
} }
mdlen = *len; mdlen = *len;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
res = HMAC_Final(ctx->ctx, mac, &mdlen); res = HMAC_Final(ctx->ctx, mac, &mdlen);
HMAC_CTX_free(ctx->ctx); HMAC_CTX_free(ctx->ctx);
#else #else
@ -849,7 +849,7 @@ static int openssl_hmac_vector(const EVP_MD *type, const u8 *key,
const u8 *addr[], const size_t *len, u8 *mac, const u8 *addr[], const size_t *len, u8 *mac,
unsigned int mdlen) unsigned int mdlen)
{ {
#if OPENSSL_VERSION_NUMBER >= 0x10100000L #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
HMAC_CTX *ctx; HMAC_CTX *ctx;
size_t i; size_t i;
int res; int res;

View file

@ -4049,7 +4049,7 @@ int tls_global_set_params(void *tls_ctx,
* commented out unless explicitly needed for EAP-FAST in order to be able to * commented out unless explicitly needed for EAP-FAST in order to be able to
* build this file with unmodified openssl. */ * build this file with unmodified openssl. */
#if defined(OPENSSL_IS_BORINGSSL) || OPENSSL_VERSION_NUMBER >= 0x10100000L #if (defined(OPENSSL_IS_BORINGSSL) || OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER)
static int tls_sess_sec_cb(SSL *s, void *secret, int *secret_len, static int tls_sess_sec_cb(SSL *s, void *secret, int *secret_len,
STACK_OF(SSL_CIPHER) *peer_ciphers, STACK_OF(SSL_CIPHER) *peer_ciphers,
const SSL_CIPHER **cipher, void *arg) const SSL_CIPHER **cipher, void *arg)
@ -4157,7 +4157,7 @@ int tls_connection_set_session_ticket_cb(void *tls_ctx,
int tls_get_library_version(char *buf, size_t buf_len) int tls_get_library_version(char *buf, size_t buf_len)
{ {
#if OPENSSL_VERSION_NUMBER >= 0x10100000L #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
return os_snprintf(buf, buf_len, "OpenSSL build=%s run=%s", return os_snprintf(buf, buf_len, "OpenSSL build=%s run=%s",
OPENSSL_VERSION_TEXT, OPENSSL_VERSION_TEXT,
OpenSSL_version(OPENSSL_VERSION)); OpenSSL_version(OPENSSL_VERSION));