[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#8666) Fix build with LibreSSL
pawel@FreeBSD.org wrote:
> Full_Name: Paweł Pękala
> Version: 2.4.45
> OS: FreeBSD 12-CURRENT
> URL: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219781
> Submission from: (NULL) (62.141.192.76)
>
No. LibreSSL should not be hijacking OPENSSL_VERSION_NUMBER macros, especially
if it doesn't actually implement the features of those versions.
> Latest version fails to build with LibreSSL. Following patch fixes issue for
> me:
>
> --- libraries/libldap/tls_o.c.orig 2017-06-04 16:31:28 UTC
> +++ libraries/libldap/tls_o.c
> @@ -47,7 +47,7 @@
> #include <ssl.h>
> #endif
>
> -#if OPENSSL_VERSION_NUMBER >= 0x10100000
> +#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
> #define ASN1_STRING_data(x) ASN1_STRING_get0_data(x)
> #endif
>
> @@ -157,7 +157,7 @@ tlso_init( void )
> (void) tlso_seed_PRNG( lo->ldo_tls_randfile );
> #endif
>
> -#if OPENSSL_VERSION_NUMBER < 0x10100000
> +#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
> SSL_load_error_strings();
> SSL_library_init();
> OpenSSL_add_all_digests();
> @@ -205,7 +205,7 @@ static void
> tlso_ctx_ref( tls_ctx *ctx )
> {
> tlso_ctx *c = (tlso_ctx *)ctx;
> -#if OPENSSL_VERSION_NUMBER < 0x10100000
> +#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
> #define SSL_CTX_up_ref(ctx) CRYPTO_add( &(ctx->references), 1,
> CRYPTO_LOCK_SSL_CTX )
> #endif
> SSL_CTX_up_ref( c );
> @@ -464,7 +464,7 @@ tlso_session_my_dn( tls_session *sess, struct berval *
> if (!x) return LDAP_INVALID_CREDENTIALS;
>
> xn = X509_get_subject_name(x);
> -#if OPENSSL_VERSION_NUMBER < 0x10100000
> +#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
> der_dn->bv_len = i2d_X509_NAME( xn, NULL );
> der_dn->bv_val = xn->bytes->data;
> #else
> @@ -500,7 +500,7 @@ tlso_session_peer_dn( tls_session *sess, struct berval
> return LDAP_INVALID_CREDENTIALS;
>
> xn = X509_get_subject_name(x);
> -#if OPENSSL_VERSION_NUMBER < 0x10100000
> +#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
> der_dn->bv_len = i2d_X509_NAME( xn, NULL );
> der_dn->bv_val = xn->bytes->data;
> #else
> @@ -721,7 +721,7 @@ struct tls_data {
> Sockbuf_IO_Desc *sbiod;
> };
>
> -#if OPENSSL_VERSION_NUMBER < 0x10100000
> +#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
> #define BIO_set_init(b, x) b->init = x
> #define BIO_set_data(b, x) b->ptr = x
> #define BIO_clear_flags(b, x) b->flags &= ~(x)
> @@ -822,7 +822,7 @@ tlso_bio_puts( BIO *b, const char *str )
> return tlso_bio_write( b, str, strlen( str ) );
> }
>
> -#if OPENSSL_VERSION_NUMBER >= 0x10100000
> +#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
> struct bio_method_st {
> int type;
> const char *name;
>
>
>
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/