git.ipfire.org Git - thirdparty/openvpn.git/commit

author	David Sommerseth <davids@openvpn.net>
	Wed, 19 Jan 2022 18:21:26 +0000 (19:21 +0100)
committer	Gert Doering <gert@greenie.muc.de>
	Thu, 20 Jan 2022 19:10:34 +0000 (20:10 +0100)
commit	544330fefedc87a74b4e17e105ad9151b8ad1dc9
tree	aa451c58b7469d22e465b53ba57b3fcf2aaa1ec7	tree
parent	4fe50675946f4533a9a373f4332e417f1bbfeabe	commit \| diff

crypto: Fix OPENSSL_FIPS enabled builds

On Fedora and RHEL/CentOS, the standard OpenSSL library has the FIPS
module enabled by default.  On these platforms, the OPENSSL_FIPS macro
is always defined via /usr/include/openssl/opensslconf-*.h.

Without this fix, the following compilation error appears:

  ./src/openvpn/crypto.c: In function ‘print_cipher’:
  ./src/openvpn/crypto.c:1707:43: error: ‘cipher’ undeclared (first use in
this function); did you mean ‘iphdr’?
       if (FIPS_mode() && !(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_FIPS))
                                           ^~~~~~
The EVP_CIPHER_fetch() and EVP_CIPHER_free() methods are also provided
via the openssl_compat.h for older than OpenSSL 3.0.

Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220119182126.56880-1-openvpn@sf.lists.topphemmelig.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23570.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>