[PATCH v3] libcrypto: fix compilation with LibreSSL

[Stefan Strogin <steils@xxxxxxxxxx>]

LibreSSL does not support FIPS mode, check for FIPS_mode() in
ConfigureChecks.cmake.

Signed-off-by: Stefan Strogin <steils@xxxxxxxxxx>
---
 ConfigureChecks.cmake      | 4 ++++
 config.h.cmake             | 3 +++
 include/libssh/libcrypto.h | 4 ++++
 3 files changed, 11 insertions(+)

diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
index 643a0a4b..8956f2c1 100644
--- a/ConfigureChecks.cmake
+++ b/ConfigureChecks.cmake
@@ -131,6 +131,10 @@ if (OPENSSL_FOUND)
     set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
     check_function_exists(EVP_KDF_CTX_new_id HAVE_OPENSSL_EVP_KDF_CTX_NEW_ID)
 
+    set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
+    set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
+    check_function_exists(FIPS_mode HAVE_OPENSSL_FIPS_MODE)
+
     set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
     set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
     check_function_exists(RAND_priv_bytes HAVE_OPENSSL_RAND_PRIV_BYTES)
diff --git a/config.h.cmake b/config.h.cmake
index 5e4edc8a..25e9f7f8 100644
--- a/config.h.cmake
+++ b/config.h.cmake
@@ -124,6 +124,9 @@
 /* Define to 1 if you have the `EVP_KDF_CTX_new_id' function. */
 #cmakedefine HAVE_OPENSSL_EVP_KDF_CTX_NEW_ID 1
 
+/* Define to 1 if you have the `FIPS_mode' function. */
+#cmakedefine HAVE_OPENSSL_FIPS_MODE 1
+
 /* Define to 1 if you have the `OPENSSL_ia32cap_loc' function. */
 #cmakedefine HAVE_OPENSSL_IA32CAP_LOC 1
 
diff --git a/include/libssh/libcrypto.h b/include/libssh/libcrypto.h
index 541912b5..fff6ff55 100644
--- a/include/libssh/libcrypto.h
+++ b/include/libssh/libcrypto.h
@@ -112,7 +112,11 @@ typedef BN_CTX* bignum_CTX;
 
 
 /* Returns true if the OpenSSL is operating in FIPS mode */
+#ifdef HAVE_OPENSSL_FIPS_MODE
 #define ssh_fips_mode() (FIPS_mode() != 0)
+#else
+#define ssh_fips_mode() false
+#endif
 
 #endif /* HAVE_LIBCRYPTO */
 
-- 
2.22.0