Check for LIBRESSL_VERSION_NUMBER in tls_openssl.c
LibreSSL does not yet support the new API, so do not use it when LIBRESSL_VERSION_NUMBER macro is defined. Signed-off-by: Marek Behun <kabel@blackhole.sk>
This commit is contained in:
parent
29fb191cfd
commit
36e820605f
1 changed files with 6 additions and 6 deletions
|
@ -3163,7 +3163,7 @@ static int tls_parse_pkcs12(struct tls_data *data, SSL *ssl, PKCS12 *p12,
|
||||||
}
|
}
|
||||||
|
|
||||||
if (certs) {
|
if (certs) {
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x10002000L
|
#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||||
SSL_clear_chain_certs(ssl);
|
SSL_clear_chain_certs(ssl);
|
||||||
while ((cert = sk_X509_pop(certs)) != NULL) {
|
while ((cert = sk_X509_pop(certs)) != NULL) {
|
||||||
X509_NAME_oneline(X509_get_subject_name(cert), buf,
|
X509_NAME_oneline(X509_get_subject_name(cert), buf,
|
||||||
|
@ -3746,7 +3746,7 @@ int tls_connection_get_random(void *ssl_ctx, struct tls_connection *conn,
|
||||||
if (conn == NULL || keys == NULL)
|
if (conn == NULL || keys == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
ssl = conn->ssl;
|
ssl = conn->ssl;
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
if (ssl == NULL || ssl->s3 == NULL || ssl->session == NULL)
|
if (ssl == NULL || ssl->s3 == NULL || ssl->session == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
|
@ -3775,7 +3775,7 @@ int tls_connection_get_random(void *ssl_ctx, struct tls_connection *conn,
|
||||||
#ifndef CONFIG_FIPS
|
#ifndef CONFIG_FIPS
|
||||||
static int openssl_get_keyblock_size(SSL *ssl)
|
static int openssl_get_keyblock_size(SSL *ssl)
|
||||||
{
|
{
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
const EVP_CIPHER *c;
|
const EVP_CIPHER *c;
|
||||||
const EVP_MD *h;
|
const EVP_MD *h;
|
||||||
int md_size;
|
int md_size;
|
||||||
|
@ -3845,7 +3845,7 @@ static int openssl_tls_prf(struct tls_connection *conn,
|
||||||
"mode");
|
"mode");
|
||||||
return -1;
|
return -1;
|
||||||
#else /* CONFIG_FIPS */
|
#else /* CONFIG_FIPS */
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
SSL *ssl;
|
SSL *ssl;
|
||||||
u8 *rnd;
|
u8 *rnd;
|
||||||
int ret = -1;
|
int ret = -1;
|
||||||
|
@ -4328,7 +4328,7 @@ int tls_connection_set_cipher_list(void *tls_ctx, struct tls_connection *conn,
|
||||||
|
|
||||||
wpa_printf(MSG_DEBUG, "OpenSSL: cipher suites: %s", buf + 1);
|
wpa_printf(MSG_DEBUG, "OpenSSL: cipher suites: %s", buf + 1);
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||||
#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST)
|
#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST)
|
||||||
if (os_strstr(buf, ":ADH-")) {
|
if (os_strstr(buf, ":ADH-")) {
|
||||||
/*
|
/*
|
||||||
|
@ -4917,7 +4917,7 @@ static int tls_sess_sec_cb(SSL *s, void *secret, int *secret_len,
|
||||||
struct tls_connection *conn = arg;
|
struct tls_connection *conn = arg;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
if (conn == NULL || conn->session_ticket_cb == NULL)
|
if (conn == NULL || conn->session_ticket_cb == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue