From patchwork Mon Aug 22 05:40:37 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maximilian Fillinger X-Patchwork-Id: 2711 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director12.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id oLrxHLGjA2NbGgAAIUCqbw (envelope-from ) for ; Mon, 22 Aug 2022 11:41:37 -0400 Received: from proxy13.mail.ord1d.rsapps.net ([172.30.191.6]) by director12.mail.ord1d.rsapps.net with LMTP id iFiFHLGjA2MaawAAIasKDg (envelope-from ) for ; Mon, 22 Aug 2022 11:41:37 -0400 Received: from smtp20.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy13.mail.ord1d.rsapps.net with LMTPS id UCJYHLGjA2NGLQAAgjf6aA (envelope-from ) for ; Mon, 22 Aug 2022 11:41:37 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp20.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (key not found in DNS) header.d=foxcrypto.com; dmarc=fail (p=none; dis=none) header.from=foxcrypto.com X-Suspicious-Flag: YES X-Classification-ID: e7d4c384-2230-11ed-993a-525400b8bfda-1-1 Received: from [216.105.38.7] ([216.105.38.7:45734] helo=lists.sourceforge.net) by smtp20.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 9B/48-29600-0B3A3036; Mon, 22 Aug 2022 11:41:36 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1oQ9Xx-0007hC-1v; Mon, 22 Aug 2022 15:41:01 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1oQ9Xv-0007h4-Hg for openvpn-devel@lists.sourceforge.net; Mon, 22 Aug 2022 15:40:59 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Date:Subject:CC:To:From:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=G27djuTwnJ3M4E1KrGsp/mCFOe0F1gUHFsvyfU/ZZhY=; b=hE76z+ARVKyTmOY/qHi+Sf5QLg ApqrPrrxqWQSJlW9lrd5D25JlCnCtFkDpSmK8dxVp6Dq62SQdnX5ntBllD0KyT95df/KZ0agtAEoR toBog1tV7xZFL9vyj4FJzTQoW6zpciXNcj9yc+Xac9GWO+2v5APu/j90EeosnXHHEBkg=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Date: Subject:CC:To:From:Sender:Reply-To:Content-ID:Content-Description:Resent-Date :Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=G27djuTwnJ3M4E1KrGsp/mCFOe0F1gUHFsvyfU/ZZhY=; b=h HNXl6XTCiSe3Kfy+LpBmvgjeL+W1DP5LKqBT+sF8SspE4zAUqe5AdUfVL7rxMhkMunfzTx3aSx7i+ bRMsO2CS6qPdTMBf1TT95o9Il26ORsNl5bTeZzZCi2SD3u1AnT5zr6o/VCb1FIcHX2KvAticey3gY nDKWcI4+ykIAzXsI=; Received: from nl-dft-mx-01.fox-it.com ([178.250.144.135]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1oQ9Xt-00DIR6-V8 for openvpn-devel@lists.sourceforge.net; Mon, 22 Aug 2022 15:40:59 +0000 From: Max Fillinger To: Date: Mon, 22 Aug 2022 17:40:37 +0200 Message-ID: <20220822154037.44320-1-maximilian.fillinger@foxcrypto.com> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 X-ClientProxiedBy: FOXDFT1EX01.FOX.local (10.0.0.129) To FOXDFT1EX01.FOX.local (10.0.0.129) X-FE-Policy-ID: 13:3:2:SYSTEM DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; d=foxcrypto.com; s=NL-DFT-MX-01; c=relaxed/relaxed; h=from:to:cc:subject:date:message-id:mime-version:content-type; bh=G27djuTwnJ3M4E1KrGsp/mCFOe0F1gUHFsvyfU/ZZhY=; b=AsetajxjyP2FgEgr/qsRf72o6NwI5AtKqgcMi8eGD9Vm7vx5PmyE86BfV5WBaFEuX/3WDfEUrENc pvoT+YRFXzA0JbovR2hOKrn64CEom82mzbnUYOq6D+fo0fuDUB+rZO8/KpGjUeXAwvVULRgE5Vj+ kxOCaN7bKKH1gPIJmMyxIqAItzHiKWAm542kQu9vXZH0ISJxWl04e5Hika8Pt7fwHL58oZk2BoKa 6Iwo6+uaxRnbw9680OYPuT0hrnqVs0d+3EVjK4IbL1Zs2oi5bs08reWaM7Cvt9cSJruVm1s6jl3/ xS25K868MVAyrn7bNRzTrRuarbNnImHbV+G+Fw== X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: LibreSSL has added some of the functions that are defined here. However, we still need RSA_F_RSA_OSSL_PRIVATE_ENCRYPT. v2: Change ifdef condition for RSA_F_RSA_OSSL_PRIVATE_ENCRYPT. v3: Don't break WolfSSL. Content analysis details: (0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid X-Headers-End: 1oQ9Xt-00DIR6-V8 Subject: [Openvpn-devel] [Patch v2 1/2] Update openssl_compat.h for newer LibreSSL X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox LibreSSL has added some of the functions that are defined here. However, we still need RSA_F_RSA_OSSL_PRIVATE_ENCRYPT. v2: Change ifdef condition for RSA_F_RSA_OSSL_PRIVATE_ENCRYPT. v3: Don't break WolfSSL. Signed-off-by: Max Fillinger Acked-By: Arne Schwabe --- src/openvpn/openssl_compat.h | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/openvpn/openssl_compat.h b/src/openvpn/openssl_compat.h index b3ee94f1..9d89bd0a 100644 --- a/src/openvpn/openssl_compat.h +++ b/src/openvpn/openssl_compat.h @@ -51,8 +51,8 @@ #define SSL_CTX_set1_groups SSL_CTX_set1_curves #endif -/* Functionality missing in LibreSSL and OpenSSL 1.0.2 */ -#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)) && !defined(ENABLE_CRYPTO_WOLFSSL) +/* Functionality missing in LibreSSL before 3.5 and OpenSSL 1.0.2 */ +#if (OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3050000fL)) && !defined(ENABLE_CRYPTO_WOLFSSL) /** * Destroy a X509 object * @@ -68,11 +68,13 @@ X509_OBJECT_free(X509_OBJECT *obj) } } -#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT #define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG #define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG #endif +#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)) && !defined(ENABLE_CRYPTO_WOLFSSL) +#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT +#endif /* Functionality missing in 1.0.2 */ #if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(ENABLE_CRYPTO_WOLFSSL)