Use accessors for DSA and RSA objects

In the upcoming LibreSSL version 3.5, the DSA and RSA structs will
become opaque, so we should use the OpenSSL 1.1 setters and getters
to fix the build.  The relevant API has been available since
LibreSSL 2.7. The last LibreSSL version (2.6) not having these
accessors was EOL late 2018, so no users should be affected by this
change.

diff --git a/dnssec.c b/dnssec.c
index 63fece5299257a80bf57104ff1adf0f0e01379a4..fbaa518a8cb040c6b9e5ae62d5bd507b7f86e589 100644 (file)
--- a/dnssec.c
+++ b/dnssec.c
@@ -381,7 +381,7 @@ ldns_key_buf2dsa_raw(const unsigned char* key, size_t len)
                BN_free(Y);
                return NULL;
        }
-#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(HAVE_LIBRESSL) && LIBRESSL_VERSION_NUMBER < 0x20700000)
 #ifndef S_SPLINT_S
        dsa->p = P;
        dsa->q = Q;
@@ -468,7 +468,7 @@ ldns_key_buf2rsa_raw(const unsigned char* key, size_t len)
                BN_free(modulus);
                return NULL;
        }
-#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(HAVE_LIBRESSL) && LIBRESSL_VERSION_NUMBER < 0x20700000)
 #ifndef S_SPLINT_S
        rsa->n = modulus;
        rsa->e = exponent;

diff --git a/host2str.c b/host2str.c
index a207a9132b881700a995609e2d1a987264ff39b6..634c567678e6081ef995f114804522a2568a1b93 100644 (file)
--- a/host2str.c
+++ b/host2str.c
@@ -2451,7 +2451,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
                                        const BIGNUM *n=NULL, *e=NULL, *d=NULL,
                                                *p=NULL, *q=NULL, *dmp1=NULL,
                                                *dmq1=NULL, *iqmp=NULL;
-#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(HAVE_LIBRESSL) && LIBRESSL_VERSION_NUMBER < 0x20700000)
                                        n = rsa->n;
                                        e = rsa->e;
                                        d = rsa->d;
@@ -2504,7 +2504,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
                                if(1) {
                                        const BIGNUM *p=NULL, *q=NULL, *g=NULL,
                                                *priv_key=NULL, *pub_key=NULL;
-#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(HAVE_LIBRESSL) && LIBRESSL_VERSION_NUMBER < 0x20700000)
 #ifndef S_SPLINT_S
                                        p = dsa->p;
                                        q = dsa->q;

diff --git a/keys.c b/keys.c
index 91a3dffd8f3507ce08f732b51ff3371510ac6df0..78bea9721c4c9d83d172202bbef0402d5b1bd26f 100644 (file)
--- a/keys.c
+++ b/keys.c
@@ -861,7 +861,7 @@ ldns_key_new_frm_fp_rsa_l(FILE *f, int *line_nr)
        }
 #endif /* splint */
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(HAVE_LIBRESSL) && LIBRESSL_VERSION_NUMBER < 0x20700000)
 # ifndef S_SPLINT_S
        rsa->n = n;
        rsa->e = e;
@@ -982,7 +982,7 @@ ldns_key_new_frm_fp_dsa_l(FILE *f, ATTR_UNUSED(int *line_nr))
        }
 #endif /* splint */
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(HAVE_LIBRESSL) && LIBRESSL_VERSION_NUMBER < 0x20700000)
 # ifndef S_SPLINT_S
        dsa->p = p;
        dsa->q = q;
@@ -1660,7 +1660,7 @@ ldns_key_rsa2bin(unsigned char *data, RSA *k, uint16_t *size)
        if (!k) {
                return false;
        }
-#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(HAVE_LIBRESSL) && LIBRESSL_VERSION_NUMBER < 0x20700000)
        n = k->n;
        e = k->e;
 #else