[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] libcrypto: fix compilation with LibreSSL


On Monday, 1 July 2019 17:19:55 CEST Stefan Strogin wrote:
> LibreSSL does not support FIPS mode, check for FIPS_mode() in
> ConfigureChecks.cmake.

Sorry, this doesn't work as there is no definition in config.h.cmake for it. 
Also I think it should be a function so that config.h is included!

https://gitlab.com/cryptomilk/libssh-mirror/-/jobs/244166020


Could you please fix that?


Thanks,

	Andreas


> Signed-off-by: Stefan Strogin <steils@xxxxxxxxxx>
> ---
>  ConfigureChecks.cmake      | 4 ++++
>  include/libssh/libcrypto.h | 4 ++++
>  2 files changed, 8 insertions(+)
> 
> diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
> index 643a0a4b..a5f4e74b 100644
> --- a/ConfigureChecks.cmake
> +++ b/ConfigureChecks.cmake
> @@ -131,6 +131,10 @@ if (OPENSSL_FOUND)
>      set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
>      check_function_exists(EVP_KDF_CTX_new_id
> HAVE_OPENSSL_EVP_KDF_CTX_NEW_ID)
> 
> +    set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
> +    set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
> +    check_function_exists(FIPS_mode HAVE_FIPS_MODE)
> +
>      set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
>      set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
>      check_function_exists(RAND_priv_bytes HAVE_OPENSSL_RAND_PRIV_BYTES)
> diff --git a/include/libssh/libcrypto.h b/include/libssh/libcrypto.h
> index 541912b5..94d6bfae 100644
> --- a/include/libssh/libcrypto.h
> +++ b/include/libssh/libcrypto.h
> @@ -112,7 +112,11 @@ typedef BN_CTX* bignum_CTX;
> 
> 
>  /* Returns true if the OpenSSL is operating in FIPS mode */
> +#ifdef HAVE_FIPS_MODE
>  #define ssh_fips_mode() (FIPS_mode() != 0)
> +#else
> +#define ssh_fips_mode() false
> +#endif
> 
>  #endif /* HAVE_LIBCRYPTO */





Follow-Ups:
Re: [PATCH v2] libcrypto: fix compilation with LibreSSLStefan Strogin <steils@xxxxxxxxxx>
References:
[PATCH v2] libcrypto: fix compilation with LibreSSLStefan Strogin <steils@xxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org