mod_md: Fix/axe incorrect MD_USE_OPENSSL_PRE_1_1_API definition.

author Yann Ylavic <ylavic@apache.org>

Thu, 16 Nov 2023 13:56:24 +0000 (13:56 +0000)

committer Yann Ylavic <ylavic@apache.org>

Thu, 16 Nov 2023 13:56:24 +0000 (13:56 +0000)
author Yann Ylavic <ylavic@apache.org>
Thu, 16 Nov 2023 13:56:24 +0000 (13:56 +0000)
committer Yann Ylavic <ylavic@apache.org>
Thu, 16 Nov 2023 13:56:24 +0000 (13:56 +0000)
diff --git a/modules/md/md_crypt.c b/modules/md/md_crypt.c

index 4b2af89a0403bc8dc51201ca6a9a1c677f0f9148..ca44fab064c2622128db02d89e4a2213f9a4a4c5 100644 (file)
--- a/modules/md/md_crypt.c
+++ b/modules/md/md_crypt.c
@@ -57,21 +57,11 @@
  #include <process.h>
  #endif
  
-#if defined(LIBRESSL_VERSION_NUMBER)
-/* Missing from LibreSSL */
-#define MD_USE_OPENSSL_PRE_1_1_API (LIBRESSL_VERSION_NUMBER < 0x2070000f)
-#else /* defined(LIBRESSL_VERSION_NUMBER) */
-#define MD_USE_OPENSSL_PRE_1_1_API (OPENSSL_VERSION_NUMBER < 0x10100000L)
-#endif
-
-#if (defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER < 0x3050000fL)) || (OPENSSL_VERSION_NUMBER < 0x10100000L) 
+#if !defined(OPENSSL_NO_CT) \
+    && OPENSSL_VERSION_NUMBER >= 0x10100000L \
+    && (!defined(LIBRESSL_VERSION_NUMBER) \
+        || LIBRESSL_VERSION_NUMBER >= 0x3050000fL)
  /* Missing from LibreSSL < 3.5.0 and only available since OpenSSL v1.1.x */
-#ifndef OPENSSL_NO_CT
-#define OPENSSL_NO_CT
-#endif
-#endif
-
-#ifndef OPENSSL_NO_CT
  #include <openssl/ct.h>
  #endif
  
@@ -955,12 +945,9 @@ apr_status_t md_pkey_gen(md_pkey_t **ppkey, apr_pool_t *p, md_pkey_spec_t *spec)
      }
  }
  
-#if MD_USE_OPENSSL_PRE_1_1_API || (defined(LIBRESSL_VERSION_NUMBER) && \
-                                   LIBRESSL_VERSION_NUMBER < 0x2070000f)
-
-#ifndef NID_tlsfeature
-#define NID_tlsfeature          1020
-#endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L \
+    || (defined(LIBRESSL_VERSION_NUMBER) \
+        && LIBRESSL_VERSION_NUMBER < 0x2070000f)
  
  static void RSA_get0_key(const RSA *r,
                           const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
diff --git a/modules/md/md_ocsp.c b/modules/md/md_ocsp.c

index 8cbf05b3e1c255938085b7d0f54aa5aaeb7e5a63..c957c1d9cd3bd4f3d01c0ab21c4de4d5189bf7a6 100644 (file)
--- a/modules/md/md_ocsp.c
+++ b/modules/md/md_ocsp.c
@@ -32,13 +32,6 @@
  #include <openssl/pem.h>
  #include <openssl/x509v3.h>
  
-#if defined(LIBRESSL_VERSION_NUMBER)
-/* Missing from LibreSSL */
-#define MD_USE_OPENSSL_PRE_1_1_API (LIBRESSL_VERSION_NUMBER < 0x2070000f)
-#else /* defined(LIBRESSL_VERSION_NUMBER) */
-#define MD_USE_OPENSSL_PRE_1_1_API (OPENSSL_VERSION_NUMBER < 0x10100000L)
-#endif
-
  #include "md.h"
  #include "md_crypt.h"
  #include "md_event.h"
@@ -563,7 +556,9 @@ static const char *single_resp_summary(OCSP_SINGLERESP* resp, apr_pool_t *p)
      ASN1_GENERALIZEDTIME *bup = NULL, *bnextup = NULL;
      md_timeperiod_t valid;
      
-#if MD_USE_OPENSSL_PRE_1_1_API
+#if OPENSSL_VERSION_NUMBER < 0x10100000L \
+    || (defined(LIBRESSL_VERSION_NUMBER) \
+        && LIBRESSL_VERSION_NUMBER < 0x2070000f)
      certid = resp->certId;
  #else
      certid = OCSP_SINGLERESP_get0_id(resp);
author	Yann Ylavic <ylavic@apache.org>
	Thu, 16 Nov 2023 13:56:24 +0000 (13:56 +0000)
committer	Yann Ylavic <ylavic@apache.org>
	Thu, 16 Nov 2023 13:56:24 +0000 (13:56 +0000)
modules/md/md_crypt.c		patch \| blob \| blame \| history
modules/md/md_ocsp.c		patch \| blob \| blame \| history