From 8e3e9b287c0bc556a20e0aea8d9a39c6566edb56 Mon Sep 17 00:00:00 2001 From: Felix Palmen Date: Wed, 6 Dec 2023 08:07:01 +0100 Subject: [PATCH] mail/exim: Fix build with LibreSSL 3.8.2 Enable most OpenSSL >=1.1 APIs with LibreSSL as well, avoiding access to a member of a now opaque struct. --- mail/exim/files/patch-src_tls-openssl.c | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/mail/exim/files/patch-src_tls-openssl.c b/mail/exim/files/patch-src_tls-openssl.c index 9306c0a193a0..9aa36e015281 100644 --- a/mail/exim/files/patch-src_tls-openssl.c +++ b/mail/exim/files/patch-src_tls-openssl.c @@ -1,6 +1,23 @@ ---- src/tls-openssl.c.orig 2023-11-07 21:07:29.239948000 +0100 -+++ src/tls-openssl.c 2023-11-07 21:08:03.517118000 +0100 -@@ -2605,7 +2605,7 @@ +--- src/tls-openssl.c.orig 2023-11-04 12:55:49 UTC ++++ src/tls-openssl.c +@@ -69,12 +69,14 @@ crypto provider for libtls instead of continuing to ti + into even twistier knots. If LibreSSL gains the same API, we can just + change this guard and punt the issue for a while longer. */ + +-#ifndef LIBRESSL_VERSION_NUMBER ++#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x3080200fL + # if OPENSSL_VERSION_NUMBER >= 0x010100000L + # define EXIM_HAVE_OPENSSL_CHECKHOST + # define EXIM_HAVE_OPENSSL_DH_BITS + # define EXIM_HAVE_OPENSSL_TLS_METHOD +-# define EXIM_HAVE_OPENSSL_KEYLOG ++# ifndef LIBRESSL_VERSION_NUMBER ++# define EXIM_HAVE_OPENSSL_KEYLOG ++# endif + # define EXIM_HAVE_OPENSSL_CIPHER_GET_ID + # define EXIM_HAVE_SESSION_TICKET + # define EXIM_HAVE_OPESSL_TRACE +@@ -2605,7 +2607,7 @@ if (!(bs = OCSP_response_get1_basic(rsp))) asking for certificate-status under DANE, so this callback won't run for that combination. It still will for non-DANE. */