From 35c9943293ad08d4820e7041d9e848d5749670cf Mon Sep 17 00:00:00 2001
From: Felix Palmen <felix@palmen-it.de>
Date: Sun, 25 Jul 2021 10:12:57 +0200
Subject: [PATCH] net/freeradius3: fix building with libressl

---
 net/freeradius3/files/patch-src_main_cb.c  | 20 ++++++++++++++++++++
 net/freeradius3/files/patch-src_main_tls.c | 20 ++++++++++++++++++++
 2 files changed, 40 insertions(+)
 create mode 100644 net/freeradius3/files/patch-src_main_cb.c
 create mode 100644 net/freeradius3/files/patch-src_main_tls.c

diff --git a/net/freeradius3/files/patch-src_main_cb.c b/net/freeradius3/files/patch-src_main_cb.c
new file mode 100644
index 000000000000..81d01f6cc2ff
--- /dev/null
+++ b/net/freeradius3/files/patch-src_main_cb.c
@@ -0,0 +1,20 @@
+--- src/main/cb.c.orig	2021-07-25 08:01:13 UTC
++++ src/main/cb.c
+@@ -64,7 +64,7 @@ void cbtls_info(SSL const *s, int where, int ret)
+ 			/*
+ 			 *	After a ClientHello, list all the proposed ciphers from the client
+ 			 */
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			if (SSL_get_state(s) == TLS_ST_SR_CLNT_HELLO) {
+ 				int i;
+ 				int num_ciphers;
+@@ -174,7 +174,7 @@ void cbtls_msg(int write_p, int msg_version, int conte
+ 		state->info.alert_level = 0x00;
+ 		state->info.alert_description = 0x00;
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x10101000L
++#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 	} else if (content_type == SSL3_RT_INNER_CONTENT_TYPE && buf[0] == SSL3_RT_APPLICATION_DATA) {
+ 		/* let tls_ack_handler set application_data */
+ 		state->info.content_type = SSL3_RT_HANDSHAKE;
diff --git a/net/freeradius3/files/patch-src_main_tls.c b/net/freeradius3/files/patch-src_main_tls.c
new file mode 100644
index 000000000000..3119ce18bfa1
--- /dev/null
+++ b/net/freeradius3/files/patch-src_main_tls.c
@@ -0,0 +1,20 @@
+--- src/main/tls.c.orig	2021-07-25 08:06:53 UTC
++++ src/main/tls.c
+@@ -1602,7 +1602,7 @@ static int load_dh_params(SSL_CTX *ctx, char *file)
+ 	 *
+ 	 * Change suggested by @t8m
+ 	 */
+-#if OPENSSL_VERSION_NUMBER >= 0x10101000L
++#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 	if (FIPS_mode() > 0) {
+ 		WARN(LOG_PREFIX ": Ignoring user-selected DH parameters in FIPS mode. Using defaults.");
+ 		return 0;
+@@ -4020,7 +4020,7 @@ post_ca:
+ 	 *	disable early data.
+ 	 *
+ 	 */
+-#if OPENSSL_VERSION_NUMBER >= 0x10101000L
++#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 	SSL_CTX_set_max_early_data(ctx, 0);
+ #endif
+ 
-- 
2.31.1