mbedtls: do not define mbedtls_ctr_drbg_update_ret when not needed
authorAntonio Quartulli <a@unstable.cc>
Thu, 12 Aug 2021 08:53:00 +0000 (10:53 +0200)
committerGert Doering <gert@greenie.muc.de>
Thu, 12 Aug 2021 11:01:38 +0000 (13:01 +0200)
The mbedtls_ctr_drbg_update_ret() function was backported to various
older branches, including 2.14 and 2.7.
To avoid making the #if guard too complex, let's detect whether this function
exists at configure time.
All versions that do not have this function will use our compat code.

Cc: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Message-Id: <20210812085300.4738-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22734.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
configure.ac
src/openvpn/ssl_mbedtls.c

index 640ab6faa734d8c1e208c9edf85155275690ef5c..aa632005bdf03c96069ec2ddf61f06afb83df709 100644 (file)
@@ -898,6 +898,12 @@ elif test "${with_crypto_library}" = "mbedtls"; then
                [have_export_keying_material="no"]
        )
 
+       AC_CHECK_FUNC(
+               [mbedtls_ctr_drbg_update_ret],
+               AC_DEFINE([HAVE_CTR_DRBG_UPDATE_RET], [1],
+                         [Use mbedtls_ctr_drbg_update_ret from mbed TLS]),
+       )
+
        CFLAGS="${saved_CFLAGS}"
        LIBS="${saved_LIBS}"
        AC_DEFINE([ENABLE_CRYPTO_MBEDTLS], [1], [Use mbed TLS library])
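Review bot: The action-if-found argument of the added `AC_CHECK_FUNC` is passed without m4 quoting and is followed by a trailing comma that leaves an empty action-if-not-found, unlike the bracket-quoted argument in the check just above it. Writing it as `[AC_DEFINE([HAVE_CTR_DRBG_UPDATE_RET], [1], [Use mbedtls_ctr_drbg_update_ret from mbed TLS])]` and dropping the trailing comma avoids early macro expansion and matches the surrounding style. The probe is a link test, and it sits before `LIBS="${saved_LIBS}"` is restored, so it presumably still sees the mbed TLS libraries. A short comment such as `# must run before LIBS is restored: links against mbed TLS` would keep a later reorder from breaking the detection. The enclosing `elif` branch starts and ends outside this hunk.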
index 1853335e602490d53f1d5ca9f92d260068990a9d..cea88f41efe4380e471a29efd74ccabe2830fdec 100644 (file)
  * Compatibility: mbedtls_ctr_drbg_update was deprecated in mbedtls 2.16 and
  * replaced with mbedtls_ctr_drbg_update_ret, which returns an error code.
  * For older versions, we call mbedtls_ctr_drbg_update and return 0 (success).
+ *
+ * Note: this change was backported to other mbedTLS branches, therefore we
+ * rely on function detection at configure time.
  */
-#if MBEDTLS_VERSION_NUMBER < 0x02100000
+#ifndef HAVE_CTR_DRBG_UPDATE_RET
 static int mbedtls_ctr_drbg_update_ret(mbedtls_ctr_drbg_context *ctx,
                                        const unsigned char *additional,
                                        size_t add_len)
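Review bot: The new `#ifndef HAVE_CTR_DRBG_UPDATE_RET` guard depends on a macro that only the configure check defines, and the added comment does not name it. A build that gets its config header some other way would therefore compile the shim even against a library that already provides the function. I would extend the note with something like `* HAVE_CTR_DRBG_UPDATE_RET is defined by configure when the linked mbed TLS exports this function; builds that bypass configure must define it themselves.` In that case the static definition would presumably clash with the library header's declaration and fail at compile time rather than silently shadow it, but the comment should still make the dependency explicit. The function body lies outside this hunk.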