From patchwork Thu Aug 12 07:57:57 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: [Openvpn-devel] mbedtls: do not define mbedtls_ctr_drbg_update_ret
for mbedtls <2.15 and >=2.14.1
X-Patchwork-Submitter: Antonio Quartulli
X-Patchwork-Id: 1909
Message-Id: <20210812075757.31759-1-a@unstable.cc>
To: openvpn-devel@lists.sourceforge.net
Cc: Antonio Quartulli
Date: Thu, 12 Aug 2021 09:57:57 +0200
From: Antonio Quartulli
List-Id:
The mbedtls_ctr_drbg_update_ret() function was backported to the 2.14
branch of mbedtls since 2.14.1. For this reason, we must exclude the
definition of our compat function for mbedtls >=2.14.1 but <2.15
Cc: Max Fillinger
Signed-off-by: Antonio Quartulli
---
Successfully compiled tested on mbedTLS:
* 2.10.0
* 2.14.1
* 2.20.0
* 2.26.0
src/openvpn/ssl_mbedtls.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c
index 1853335e..a2ed59ac 100644
--- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c
@@ -66,8 +66,13 @@
* Compatibility: mbedtls_ctr_drbg_update was deprecated in mbedtls 2.16 and
* replaced with mbedtls_ctr_drbg_update_ret, which returns an error code.
* For older versions, we call mbedtls_ctr_drbg_update and return 0 (success).
+ *
+ * Note: mbedtls_ctr_drbg_update_ret was backported to the mbedtls 2.14 branch
+ * since 2.14.1. For this reason, the definition of this function has to be
+ * excluded for any mbedtls going from 2.14.1 (included) to 2.15 (excluded)
*/
-#if MBEDTLS_VERSION_NUMBER < 0x02100000
+#if MBEDTLS_VERSION_NUMBER < 0x02100000 && \
+ !(MBEDTLS_VERSION_NUMBER > 0x020E0000 && MBEDTLS_VERSION_NUMBER < 0x020F0000)
static int mbedtls_ctr_drbg_update_ret(mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional,
size_t add_len)