OpenSSL: Fix TLS_CONN_TEAP_ANON_DH build with some library versions

author Jouni Malinen <j@w1.fi>

Sat, 13 Jul 2019 19:36:07 +0000 (22:36 +0300)

committer Jouni Malinen <j@w1.fi>

Sat, 13 Jul 2019 19:49:22 +0000 (22:49 +0300)
author Jouni Malinen <j@w1.fi>
Sat, 13 Jul 2019 19:36:07 +0000 (22:36 +0300)
committer Jouni Malinen <j@w1.fi>
Sat, 13 Jul 2019 19:49:22 +0000 (22:49 +0300)
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c

index 9013339782d81b9b534322a6b3646e62355f7b7f..d58cb8227e78ebb00e48ac7c13c5fb62f5eb2d64 100644 (file)
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -3096,7 +3096,6 @@ static int tls_set_conn_flags(struct tls_connection *conn, unsigned int flags,
  #endif /* CONFIG_SUITEB */
  
         if (flags & TLS_CONN_TEAP_ANON_DH) {
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
  #ifndef TEAP_DH_ANON_CS
  #define TEAP_DH_ANON_CS \
         "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:" \
@@ -3109,6 +3108,10 @@ static int tls_set_conn_flags(struct tls_connection *conn, unsigned int flags,
         "ADH-AES256-SHA256:ADH-AES128-SHA256:ADH-AES256-SHA:ADH-AES128-SHA"
  #endif
                 static const char *cs = TEAP_DH_ANON_CS;
+
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
+       !defined(LIBRESSL_VERSION_NUMBER) && \
+       !defined(OPENSSL_IS_BORINGSSL)
                 /*
                  * Need to drop to security level 0 to allow anonymous
                  * cipher suites for EAP-TEAP.
author	Jouni Malinen <j@w1.fi>
	Sat, 13 Jul 2019 19:36:07 +0000 (22:36 +0300)
committer	Jouni Malinen <j@w1.fi>
	Sat, 13 Jul 2019 19:49:22 +0000 (22:49 +0300)