Update openssl_compat.h for newer LibreSSL

LibreSSL has added some of the functions that are defined here. However, we still need RSA_F_RSA_OSSL_PRIVATE_ENCRYPT. v2: Change ifdef condition for RSA_F_RSA_OSSL_PRIVATE_ENCRYPT. v3: Don't break WolfSSL. Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com> Acked-by: Arne Schwabe <arne@rfc2549.org> Message-Id: <20220822154037.44320-1-maximilian.fillinger@foxcrypto.com> URL: https://www.mail-archive.com/search?l=mid&q=20220822154037.44320-1-maximilian.fillinger@foxcrypto.com Signed-off-by: Gert Doering <gert@greenie.muc.de>
2026-05-28 04:03:29 -04:00 · 2022-08-22 17:40:37 +02:00 · 2022-08-22 17:40:37 +02:00 · 6d9695de9f
commit 6d9695de9f
parent 734de8f9aa
1 changed files with 5 additions and 3 deletions
--- a/src/openvpn/openssl_compat.h
+++ b/src/openvpn/openssl_compat.h
@ -51,8 +51,8 @@
 #define SSL_CTX_set1_groups SSL_CTX_set1_curves
 #endif

-/* Functionality missing in LibreSSL and OpenSSL 1.0.2 */
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)) && !defined(ENABLE_CRYPTO_WOLFSSL)
+/* Functionality missing in LibreSSL before 3.5 and OpenSSL 1.0.2 */
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3050000fL)) && !defined(ENABLE_CRYPTO_WOLFSSL)
 /**
 * Destroy a X509 object
 *
@ -68,11 +68,13 @@ X509_OBJECT_free(X509_OBJECT *obj)
    }
 }

-#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT       RSA_F_RSA_EAY_PRIVATE_ENCRYPT
 #define EVP_CTRL_AEAD_SET_TAG                EVP_CTRL_GCM_SET_TAG
 #define EVP_CTRL_AEAD_GET_TAG                EVP_CTRL_GCM_GET_TAG
 #endif

+#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)) && !defined(ENABLE_CRYPTO_WOLFSSL)
+#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT       RSA_F_RSA_EAY_PRIVATE_ENCRYPT
+#endif

 /* Functionality missing in 1.0.2 */
 #if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(ENABLE_CRYPTO_WOLFSSL)