Attachment #192080 for bug #227192

View | Details | Raw Unified | Return to bug 227192 | Differences between
Collapse All | Expand All




--- libraries/libldap/tls_o.c.orig	2018-03-30 09:32:58 UTC
+++ libraries/libldap/tls_o.c
@@ -47,7 +47,7 @@
 #include <ssl.h>
 #endif
 
-#if OPENSSL_VERSION_NUMBER >= 0x10100000
+#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !(defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000)
 #define ASN1_STRING_data(x)	ASN1_STRING_get0_data(x)
 #endif
 
@@ -157,7 +157,7 @@ tlso_init( void )
 static int tlso_verify_cb( int ok, X509_STORE_CTX *ctx );
 static int tlso_verify_ok( int ok, X509_STORE_CTX *ctx );
 static int tlso_seed_PRNG( const char *randfile );
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
 /*
  * OpenSSL 1.1 API and later has new locking code
 */
@@ -116,7 +116,7 @@
 #endif
 #endif /* OpenSSL 1.1 */
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
 /*
  * OpenSSL 1.1 API and later makes the BIO method concrete types internal.
  */
@@ -197,7 +197,7 @@
 	(void) tlso_seed_PRNG( lo->ldo_tls_randfile );
 #endif
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000)
 	SSL_load_error_strings();
 	SSL_library_init();
 	OpenSSL_add_all_digests();
@@ -205,7 +205,7 @@ static void
 
 	BIO_meth_free( tlso_bio_method );
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
 	EVP_cleanup();
 #if OPENSSL_VERSION_NUMBER < 0x10000000
 	ERR_remove_state(0);
@@ -249,7 +249,7 @@
 tlso_ctx_ref( tls_ctx *ctx )
 {
 	tlso_ctx *c = (tlso_ctx *)ctx;
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000)
 #define	SSL_CTX_up_ref(ctx)	CRYPTO_add( &(ctx->references), 1, CRYPTO_LOCK_SSL_CTX )
 #endif
 	SSL_CTX_up_ref( c );
@@ -464,7 +464,7 @@ tlso_session_my_dn( tls_session *sess, s
 	SSL_CTX_set_verify( ctx, i,
 		lo->ldo_tls_require_cert == LDAP_OPT_X_TLS_ALLOW ?
 		tlso_verify_ok : tlso_verify_cb );
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
 	SSL_CTX_set_tmp_rsa_callback( ctx, tlso_tmp_rsa_cb );
 #endif
 #ifdef HAVE_OPENSSL_CRL
@@ -508,7 +508,7 @@
 	if (!x) return LDAP_INVALID_CREDENTIALS;
 	
 	xn = X509_get_subject_name(x);
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000)
 	der_dn->bv_len = i2d_X509_NAME( xn, NULL );
 	der_dn->bv_val = xn->bytes->data;
 #else
@@ -500,7 +500,7 @@ tlso_session_peer_dn( tls_session *sess,
 		return LDAP_INVALID_CREDENTIALS;
 
 	xn = X509_get_subject_name(x);
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000)
 	der_dn->bv_len = i2d_X509_NAME( xn, NULL );
 	der_dn->bv_val = xn->bytes->data;
 #else
@@ -721,7 +721,7 @@ struct tls_data {
 	Sockbuf_IO_Desc		*sbiod;
 };
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000)
 #define BIO_set_init(b, x)	b->init = x
 #define BIO_set_data(b, x)	b->ptr = x
 #define BIO_clear_flags(b, x)	b->flags &= ~(x)
@@ -1170,7 +1170,7 @@
 	}
 }
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
 static RSA *
 tlso_tmp_rsa_cb( SSL *ssl, int is_export, int key_length )
 {

Return to bug 227192

Lines 1-101 Link Here

(-)net/openldap24-server/files/patch-libressl (-58 / +13 lines)
1	--- libraries/libldap/tls_o.c.orig 2018-03-22 08:44:27.000000000 -0700	1	--- libraries/libldap/tls_o.c.orig 2018-03-30 09:32:58 UTC
2	+++ libraries/libldap/tls_o.c 2018-03-29 20:41:39.574182742 -0700	2	+++ libraries/libldap/tls_o.c
3	@@ -47,7 +47,7 @@	3	@@ -47,7 +47,7 @@
4	#include <ssl.h>	4	#include <ssl.h>
5	#endif	5	#endif
6		6
7	-#if OPENSSL_VERSION_NUMBER >= 0x10100000	7	-#if OPENSSL_VERSION_NUMBER >= 0x10100000
8	+#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)	8	+#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !(defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000)
9	#define ASN1_STRING_data(x) ASN1_STRING_get0_data(x)	9	#define ASN1_STRING_data(x) ASN1_STRING_get0_data(x)
10	#endif	10	#endif
11		11
12	@@ -65,7 +65,7 @@	12	@@ -157,7 +157,7 @@ tlso_init( void )
13	static int tlso_verify_cb( int ok, X509_STORE_CTX *ctx );
14	static int tlso_verify_ok( int ok, X509_STORE_CTX *ctx );
15	static int tlso_seed_PRNG( const char *randfile );
16	-#if OPENSSL_VERSION_NUMBER < 0x10100000
17	+#if OPENSSL_VERSION_NUMBER < 0x10100000 \|\| defined(LIBRESSL_VERSION_NUMBER)
18	/*
19	* OpenSSL 1.1 API and later has new locking code
20	*/
21	@@ -116,7 +116,7 @@
22	#endif
23	#endif /* OpenSSL 1.1 */
24
25	-#if OPENSSL_VERSION_NUMBER < 0x10100000
26	+#if OPENSSL_VERSION_NUMBER < 0x10100000 \|\| defined(LIBRESSL_VERSION_NUMBER)
27	/*
28	* OpenSSL 1.1 API and later makes the BIO method concrete types internal.
29	*/
30	@@ -197,7 +197,7 @@
31	(void) tlso_seed_PRNG( lo->ldo_tls_randfile );	13	(void) tlso_seed_PRNG( lo->ldo_tls_randfile );
32	#endif	14	#endif
33		15
34	-#if OPENSSL_VERSION_NUMBER < 0x10100000	16	-#if OPENSSL_VERSION_NUMBER < 0x10100000
35	+#if OPENSSL_VERSION_NUMBER < 0x10100000 \|\| defined(LIBRESSL_VERSION_NUMBER)	17	+#if OPENSSL_VERSION_NUMBER < 0x10100000 \|\| (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000)
36	SSL_load_error_strings();	18	SSL_load_error_strings();
37	SSL_library_init();	19	SSL_library_init();
38	OpenSSL_add_all_digests();	20	OpenSSL_add_all_digests();
39	@@ -223,7 +223,7 @@	21	@@ -205,7 +205,7 @@ static void
40
41	BIO_meth_free( tlso_bio_method );
42
43	-#if OPENSSL_VERSION_NUMBER < 0x10100000
44	+#if OPENSSL_VERSION_NUMBER < 0x10100000 \|\| defined(LIBRESSL_VERSION_NUMBER)
45	EVP_cleanup();
46	#if OPENSSL_VERSION_NUMBER < 0x10000000
47	ERR_remove_state(0);
48	@@ -249,7 +249,7 @@
49	tlso_ctx_ref( tls_ctx *ctx )	22	tlso_ctx_ref( tls_ctx *ctx )
50	{	23	{
51	tlso_ctx c = (tlso_ctx )ctx;	24	tlso_ctx c = (tlso_ctx )ctx;
52	-#if OPENSSL_VERSION_NUMBER < 0x10100000	25	-#if OPENSSL_VERSION_NUMBER < 0x10100000
53	+#if OPENSSL_VERSION_NUMBER < 0x10100000 \|\| defined(LIBRESSL_VERSION_NUMBER)	26	+#if OPENSSL_VERSION_NUMBER < 0x10100000 \|\| (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000)
54	#define SSL_CTX_up_ref(ctx) CRYPTO_add( &(ctx->references), 1, CRYPTO_LOCK_SSL_CTX )	27	#define SSL_CTX_up_ref(ctx) CRYPTO_add( &(ctx->references), 1, CRYPTO_LOCK_SSL_CTX )
55	#endif	28	#endif
56	SSL_CTX_up_ref( c );	29	SSL_CTX_up_ref( c );
57	@@ -411,7 +411,7 @@	30	@@ -464,7 +464,7 @@ tlso_session_my_dn( tls_session *sess, s
58	SSL_CTX_set_verify( ctx, i,
59	lo->ldo_tls_require_cert == LDAP_OPT_X_TLS_ALLOW ?
60	tlso_verify_ok : tlso_verify_cb );
61	-#if OPENSSL_VERSION_NUMBER < 0x10100000
62	+#if OPENSSL_VERSION_NUMBER < 0x10100000 \|\| defined(LIBRESSL_VERSION_NUMBER)
63	SSL_CTX_set_tmp_rsa_callback( ctx, tlso_tmp_rsa_cb );
64	#endif
65	#ifdef HAVE_OPENSSL_CRL
66	@@ -508,7 +508,7 @@
67	if (!x) return LDAP_INVALID_CREDENTIALS;	31	if (!x) return LDAP_INVALID_CREDENTIALS;
68		32
69	xn = X509_get_subject_name(x);	33	xn = X509_get_subject_name(x);
70	-#if OPENSSL_VERSION_NUMBER < 0x10100000	34	-#if OPENSSL_VERSION_NUMBER < 0x10100000
71	+#if OPENSSL_VERSION_NUMBER < 0x10100000 \|\| defined(LIBRESSL_VERSION_NUMBER)	35	+#if OPENSSL_VERSION_NUMBER < 0x10100000 \|\| (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000)
72	der_dn->bv_len = i2d_X509_NAME( xn, NULL );	36	der_dn->bv_len = i2d_X509_NAME( xn, NULL );
73	der_dn->bv_val = xn->bytes->data;	37	der_dn->bv_val = xn->bytes->data;
74	#else	38	#else
75	@@ -544,7 +544,7 @@	39	@@ -500,7 +500,7 @@ tlso_session_peer_dn( tls_session *sess,
76	return LDAP_INVALID_CREDENTIALS;	40	return LDAP_INVALID_CREDENTIALS;
77		41
78	xn = X509_get_subject_name(x);	42	xn = X509_get_subject_name(x);
79	-#if OPENSSL_VERSION_NUMBER < 0x10100000	43	-#if OPENSSL_VERSION_NUMBER < 0x10100000
80	+#if OPENSSL_VERSION_NUMBER < 0x10100000 \|\| defined(LIBRESSL_VERSION_NUMBER)	44	+#if OPENSSL_VERSION_NUMBER < 0x10100000 \|\| (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000)
81	der_dn->bv_len = i2d_X509_NAME( xn, NULL );	45	der_dn->bv_len = i2d_X509_NAME( xn, NULL );
82	der_dn->bv_val = xn->bytes->data;	46	der_dn->bv_val = xn->bytes->data;
83	#else	47	#else
84	@@ -765,7 +765,7 @@	48	@@ -721,7 +721,7 @@ struct tls_data {
85	Sockbuf_IO_Desc *sbiod;	49	Sockbuf_IO_Desc *sbiod;
86	};	50	};
87		51
88	-#if OPENSSL_VERSION_NUMBER < 0x10100000	52	-#if OPENSSL_VERSION_NUMBER < 0x10100000
89	+#if OPENSSL_VERSION_NUMBER < 0x10100000 \|\| defined(LIBRESSL_VERSION_NUMBER)	53	+#if OPENSSL_VERSION_NUMBER < 0x10100000 \|\| (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000)
90	#define BIO_set_init(b, x) b->init = x	54	#define BIO_set_init(b, x) b->init = x
91	#define BIO_set_data(b, x) b->ptr = x	55	#define BIO_set_data(b, x) b->ptr = x
92	#define BIO_clear_flags(b, x) b->flags &= ~(x)	56	#define BIO_clear_flags(b, x) b->flags &= ~(x)
93	@@ -1170,7 +1170,7 @@
94	}
95	}
96
97	-#if OPENSSL_VERSION_NUMBER < 0x10100000
98	+#if OPENSSL_VERSION_NUMBER < 0x10100000 \|\| defined(LIBRESSL_VERSION_NUMBER)
99	static RSA *
100	tlso_tmp_rsa_cb( SSL *ssl, int is_export, int key_length )
101	{