[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v3] libcrypto: fix compilation with LibreSSL
[Thread Prev] | [Thread Next]
- Subject: [PATCH v3] libcrypto: fix compilation with LibreSSL
- From: Stefan Strogin <steils@xxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Wed, 3 Jul 2019 18:49:07 +0300
- To: libssh@xxxxxxxxxx
- Cc: Stefan Strogin <steils@xxxxxxxxxx>
LibreSSL does not support FIPS mode, check for FIPS_mode() in ConfigureChecks.cmake. Signed-off-by: Stefan Strogin <steils@xxxxxxxxxx> --- ConfigureChecks.cmake | 4 ++++ config.h.cmake | 3 +++ include/libssh/libcrypto.h | 4 ++++ 3 files changed, 11 insertions(+) diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake index 643a0a4b..8956f2c1 100644 --- a/ConfigureChecks.cmake +++ b/ConfigureChecks.cmake @@ -131,6 +131,10 @@ if (OPENSSL_FOUND) set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY}) check_function_exists(EVP_KDF_CTX_new_id HAVE_OPENSSL_EVP_KDF_CTX_NEW_ID) + set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR}) + set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY}) + check_function_exists(FIPS_mode HAVE_OPENSSL_FIPS_MODE) + set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR}) set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY}) check_function_exists(RAND_priv_bytes HAVE_OPENSSL_RAND_PRIV_BYTES) diff --git a/config.h.cmake b/config.h.cmake index 5e4edc8a..25e9f7f8 100644 --- a/config.h.cmake +++ b/config.h.cmake @@ -124,6 +124,9 @@ /* Define to 1 if you have the `EVP_KDF_CTX_new_id' function. */ #cmakedefine HAVE_OPENSSL_EVP_KDF_CTX_NEW_ID 1 +/* Define to 1 if you have the `FIPS_mode' function. */ +#cmakedefine HAVE_OPENSSL_FIPS_MODE 1 + /* Define to 1 if you have the `OPENSSL_ia32cap_loc' function. */ #cmakedefine HAVE_OPENSSL_IA32CAP_LOC 1 diff --git a/include/libssh/libcrypto.h b/include/libssh/libcrypto.h index 541912b5..fff6ff55 100644 --- a/include/libssh/libcrypto.h +++ b/include/libssh/libcrypto.h @@ -112,7 +112,11 @@ typedef BN_CTX* bignum_CTX; /* Returns true if the OpenSSL is operating in FIPS mode */ +#ifdef HAVE_OPENSSL_FIPS_MODE #define ssh_fips_mode() (FIPS_mode() != 0) +#else +#define ssh_fips_mode() false +#endif #endif /* HAVE_LIBCRYPTO */ -- 2.22.0
Archive administrator: postmaster@lists.cynapses.org