Bug 207745 - contrib/wpa Version checks failing with LibreSSL
Summary: contrib/wpa Version checks failing with LibreSSL
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: CURRENT
Hardware: Any Any
: --- Affects Only Me
Assignee: Cy Schubert
URL:
Keywords: patch
Depends on:
Blocks:
 
Reported: 2016-03-06 13:57 UTC by Bernard Spil
Modified: 2018-08-09 03:12 UTC (History)
3 users (show)

See Also:


Attachments
git diff for contrib/wpa (1.86 KB, patch)
2016-03-06 13:57 UTC, Bernard Spil
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Bernard Spil freebsd_committer 2016-03-06 13:57:15 UTC
Created attachment 167764 [details]
git diff for contrib/wpa

LibreSSL defines the OpenSSL version as 0x2000000L but was forked from OpenSSL 1.0.1g with version 0x1000107fL. This causes many OPENSSL_VERSION_NUMBER comparisons to result in probrems if it tests for 1.0.2 (0x10002000L) or 1.1.0 (0x10010000L). The wpa_supplicant code is littered with OPENSSL_VERSION_NUMBER checks.

Replacing instances of

> #if OPENSSL_VERSION_NUMBER >= 0x10002000L
> #if OPENSSL_VERSION_NUMBER < 0x10010000L

with

> #if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
> #if OPENSSL_VERSION_NUMBER < 0x10010000L || defined(LIBRESSL_VERSION_NUMBER)

fixes these issues.
Comment 1 Bernard Spil freebsd_committer 2017-03-26 19:07:25 UTC
Hi Rui,

Noticed that you commit most often to contrib/wpa.

Could you please take a look at this patch?

Thanks!

Bernard.
Comment 2 Kyle Evans freebsd_committer 2018-08-09 02:41:31 UTC
CC'ing cy@, who recently updated wpa_supplicant to 2.6. We have libressl patches (some submitted by brnrd@, even. =)) in the ports tree that could be ported to the base system if there's adequate interest.
Comment 3 Cy Schubert freebsd_committer 2018-08-09 03:12:04 UTC
I'll take this PR.

Comparing the attached patch with r466153 in ports and specifically files/patch-src_crypto_crypto__openssl.c and files/patch-src_crypto_tls__openssl.c in the port, there are two differences: there is no patch for crypto/crypto_openssl.c and the attached patch is different from the one you provided me for the port. Should we apply the two patches from the port here?