Added checks to allow building against LibreSSL
It seems that when OpenSSL 1.1.0 support was added, LibreSSL was broken due to the way version checking was done. This adds extra checks for LIBRESSL_VERSION_NUMBER where applicable.
This commit is contained in:
@@ -165,7 +165,7 @@ CK_RV do_create_empty_cert(CK_BYTE_PTR in, CK_ULONG in_len, CK_BBOOL is_rsa,
|
||||
X509_set_notBefore(cert, tm);
|
||||
X509_set_notAfter(cert, tm);
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER < 10100000L
|
||||
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
|
||||
// Manually set the signature algorithms.
|
||||
// OpenSSL 1.0.1i complains about empty DER fields
|
||||
// 8 => md5WithRsaEncryption
|
||||
|
||||
@@ -274,7 +274,7 @@ static void test_login() {
|
||||
|
||||
}
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
||||
#if !((OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER))
|
||||
static int bogus_sign(int dtype, const unsigned char *m, unsigned int m_length,
|
||||
unsigned char *sigret, unsigned int *siglen, const RSA *rsa) {
|
||||
sigret = malloc(1);
|
||||
@@ -385,7 +385,7 @@ static void test_import_and_sign_all_10() {
|
||||
X509_set_notBefore(cert, tm);
|
||||
X509_set_notAfter(cert, tm);
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
|
||||
cert->sig_alg->algorithm = OBJ_nid2obj(8);
|
||||
cert->cert_info->signature->algorithm = OBJ_nid2obj(8);
|
||||
|
||||
@@ -583,7 +583,7 @@ static void test_import_and_sign_all_10_RSA() {
|
||||
X509_set_notBefore(cert, tm);
|
||||
X509_set_notAfter(cert, tm);
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
|
||||
/* putting bogus data to signature to make some checks happy */
|
||||
cert->sig_alg->algorithm = OBJ_nid2obj(8);
|
||||
cert->cert_info->signature->algorithm = OBJ_nid2obj(8);
|
||||
|
||||
Reference in New Issue
Block a user