# have this feature
have_export_keying_material="yes"
- AC_CHECK_FUNCS(
- [ \
- HMAC_CTX_new \
- HMAC_CTX_free \
- HMAC_CTX_reset \
- EVP_MD_CTX_new \
- EVP_MD_CTX_free \
- EVP_MD_CTX_reset \
- EVP_CIPHER_CTX_reset \
- OpenSSL_version \
- SSL_CTX_get_default_passwd_cb \
- SSL_CTX_get_default_passwd_cb_userdata \
- SSL_CTX_set1_groups \
- SSL_CTX_set_security_level \
- X509_get0_notBefore \
- X509_get0_notAfter \
- X509_get0_pubkey \
- X509_STORE_get0_objects \
- X509_OBJECT_free \
- X509_OBJECT_get_type \
- EVP_PKEY_get0_RSA \
- EVP_PKEY_get0_DSA \
- EVP_PKEY_get0_EC_KEY \
- RSA_set_flags \
- RSA_bits \
- RSA_get0_key \
- RSA_set0_key \
- DSA_get0_pqg \
- DSA_bits \
- RSA_meth_new \
- RSA_meth_free \
- RSA_meth_set_pub_enc \
- RSA_meth_set_pub_dec \
- RSA_meth_set_priv_enc \
- RSA_meth_set_priv_dec \
- RSA_meth_set_init \
- RSA_meth_set_sign \
- RSA_meth_set_finish \
- RSA_meth_set0_app_data \
- RSA_meth_get0_app_data \
- EC_GROUP_order_bits
- ]
- )
-
CFLAGS="${saved_CFLAGS}"
LIBS="${saved_LIBS}"
# wolfSSL signal EKM support
have_export_keying_material="yes"
- AC_DEFINE([HAVE_HMAC_CTX_NEW], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_HMAC_CTX_FREE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_HMAC_CTX_RESET], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_EVP_MD_CTX_NEW], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_EVP_MD_CTX_FREE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_EVP_MD_CTX_RESET], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_EVP_CIPHER_CTX_RESET], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_OPENSSL_VERSION], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_SSL_CTX_GET_DEFAULT_PASSWD_CB], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_SSL_CTX_GET_DEFAULT_PASSWD_CB_USERDATA], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_SSL_CTX_SET_SECURITY_LEVEL], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_X509_GET0_NOTBEFORE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_X509_GET0_NOTAFTER], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_X509_GET0_PUBKEY], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_X509_STORE_GET0_OBJECTS], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_X509_OBJECT_FREE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_X509_OBJECT_GET_TYPE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_EVP_PKEY_ID], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_EVP_PKEY_GET0_RSA], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_EVP_PKEY_GET0_DSA], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_EVP_PKEY_GET0_EC_KEY], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_RSA_SET_FLAGS], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_RSA_BITS], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_RSA_GET0_KEY], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_RSA_SET0_KEY], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_DSA_GET0_PQG], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_DSA_BITS], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_RSA_METH_NEW], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_RSA_METH_FREE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_RSA_METH_SET_PUB_ENC], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_RSA_METH_SET_PUB_DEC], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_RSA_METH_SET_PRIV_ENC], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_RSA_METH_SET_PRIV_DEC], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_RSA_METH_SET_INIT], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_RSA_METH_SET_SIGN], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_RSA_METH_SET_FINISH], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_RSA_METH_SET0_APP_DATA], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_RSA_METH_GET0_APP_DATA], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
- AC_DEFINE([HAVE_EC_GROUP_ORDER_BITS], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
-
if test "${enable_wolfssl_options_h}" = "yes"; then
AC_DEFINE([EXTERNAL_OPTS_OPENVPN], [1], [Include options.h from wolfSSL library])
else
#include <openssl/ssl.h>
#include <openssl/x509.h>
+/* Functionality missing in 1.1.0 */
+#if OPENSSL_VERSION_NUMBER < 0x10101000L && !defined(ENABLE_CRYPTO_WOLFSSL)
+#define SSL_CTX_set1_groups SSL_CTX_set1_curves
+#endif
+
+/* Functionality missing in LibreSSL and OpenSSL 1.0.2 */
#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)) && !defined(ENABLE_CRYPTO_WOLFSSL)
-#define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG
-#define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG
+/**
+ * Destroy a X509 object
+ *
+ * @param obj X509 object
+ */
+static inline void
+X509_OBJECT_free(X509_OBJECT *obj)
+{
+ if (obj)
+ {
+ X509_OBJECT_free_contents(obj);
+ OPENSSL_free(obj);
+ }
+}
+
+#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT
+#define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG
+#define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG
#endif
-#if !defined(HAVE_EVP_MD_CTX_RESET)
+
+/* Functionality missing in 1.0.2 */
+#if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(ENABLE_CRYPTO_WOLFSSL)
/**
* Reset a message digest context
*
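Review bot: The new `#if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(ENABLE_CRYPTO_WOLFSSL)` that closes this hunk leaves LibreSSL without any of the accessor shims that follow, because LibreSSL reports an `OPENSSL_VERSION_NUMBER` above that threshold; before this commit each shim was selected by its own configure probe. A LibreSSL release that lacks one of those 1.1.0 accessors would now fail to compile instead of falling back. The now-unconditional `static inline X509_OBJECT_free` in the LibreSSL block would also clash with any LibreSSL that declares that function itself (I have not checked which releases do). I would state the supported floor next to the block, e.g. `/* LibreSSL >= <minimum supported release> is assumed to provide the remaining 1.1.0 accessors */`, and bound the `defined(LIBRESSL_VERSION_NUMBER)` arm with `LIBRESSL_VERSION_NUMBER < <first release exporting X509_OBJECT_free>`. The `#if` block opened here continues past the end of the hunk.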
EVP_MD_CTX_cleanup(ctx);
return 1;
}
-#endif
-#if !defined(HAVE_EVP_MD_CTX_FREE)
/**
* Free an existing message digest context
*
{
free(ctx);
}
-#endif
-#if !defined(HAVE_EVP_MD_CTX_NEW)
/**
* Allocate a new message digest object
*
ALLOC_OBJ_CLEAR(ctx, EVP_MD_CTX);
return ctx;
}
-#endif
-#if !defined(HAVE_EVP_CIPHER_CTX_RESET)
#define EVP_CIPHER_CTX_reset EVP_CIPHER_CTX_init
-#endif
-
-#if !defined(HAVE_X509_GET0_NOTBEFORE)
#define X509_get0_notBefore X509_get_notBefore
-#endif
-
-#if !defined(HAVE_X509_GET0_NOTAFTER)
#define X509_get0_notAfter X509_get_notAfter
-#endif
-#if !defined(HAVE_HMAC_CTX_RESET)
/**
* Reset a HMAC context
*
HMAC_CTX_init(ctx);
return 1;
}
-#endif
-#if !defined(HAVE_HMAC_CTX_FREE)
/**
* Cleanup and free an existing HMAC context
*
HMAC_CTX_cleanup(ctx);
free(ctx);
}
-#endif
-#if !defined(HAVE_HMAC_CTX_NEW)
/**
* Allocate a new HMAC context object
*
ALLOC_OBJ_CLEAR(ctx, HMAC_CTX);
return ctx;
}
-#endif
-#if !defined(HAVE_SSL_CTX_GET_DEFAULT_PASSWD_CB_USERDATA)
/**
* Fetch the default password callback user data from the SSL context
*
{
return ctx ? ctx->default_passwd_callback_userdata : NULL;
}
-#endif
-#if !defined(HAVE_SSL_CTX_GET_DEFAULT_PASSWD_CB)
/**
* Fetch the default password callback from the SSL context
*
{
return ctx ? ctx->default_passwd_callback : NULL;
}
-#endif
-/* This function is implemented as macro, so the configure check for the
- * function may fail, so we check for both variants here */
-#if !defined(HAVE_SSL_CTX_SET1_GROUPS) && !defined(SSL_CTX_set1_groups)
-#define SSL_CTX_set1_groups SSL_CTX_set1_curves
-#endif
-
-#if !defined(HAVE_X509_GET0_PUBKEY)
/**
* Get the public key from a X509 certificate
*
return (x && x->cert_info && x->cert_info->key) ?
x->cert_info->key->pkey : NULL;
}
-#endif
-#if !defined(HAVE_X509_STORE_GET0_OBJECTS)
/**
* Fetch the X509 object stack from the X509 store
*
{
return store ? store->objs : NULL;
}
-#endif
-#if !defined(HAVE_X509_OBJECT_FREE)
-/**
- * Destroy a X509 object
- *
- * @param obj X509 object
- */
-static inline void
-X509_OBJECT_free(X509_OBJECT *obj)
-{
- if (obj)
- {
- X509_OBJECT_free_contents(obj);
- OPENSSL_free(obj);
- }
-}
-#endif
-
-#if !defined(HAVE_X509_OBJECT_GET_TYPE)
/**
* Get the type of an X509 object
*
{
return obj ? obj->type : X509_LU_FAIL;
}
-#endif
-#if !defined(HAVE_EVP_PKEY_GET0_RSA)
/**
* Get the RSA object of a public key
*
{
return (pkey && pkey->type == EVP_PKEY_RSA) ? pkey->pkey.rsa : NULL;
}
-#endif
-#if !defined(HAVE_EVP_PKEY_GET0_EC_KEY) && !defined(OPENSSL_NO_EC)
/**
* Get the EC_KEY object of a public key
*
{
return (pkey && pkey->type == EVP_PKEY_EC) ? pkey->pkey.ec : NULL;
}
-#endif
-#if !defined(HAVE_EVP_PKEY_GET0_DSA)
+
/**
* Get the DSA object of a public key
*
{
return (pkey && pkey->type == EVP_PKEY_DSA) ? pkey->pkey.dsa : NULL;
}
-#endif
-#if !defined(HAVE_RSA_SET_FLAGS)
/**
* Set the RSA flags
*
rsa->flags = flags;
}
}
-#endif
-#if !defined(HAVE_RSA_GET0_KEY)
/**
* Get the RSA parameters
*
*d = rsa ? rsa->d : NULL;
}
}
-#endif
-#if !defined(HAVE_RSA_SET0_KEY)
/**
* Set the RSA parameters
*
return 1;
}
-#endif /* if !defined(HAVE_RSA_SET0_KEY) */
-#if !defined(HAVE_RSA_BITS)
/**
* Number of significant RSA bits
*
RSA_get0_key(rsa, &n, NULL, NULL);
return n ? BN_num_bits(n) : 0;
}
-#endif
-#if !defined(HAVE_DSA_GET0_PQG)
/**
* Get the DSA parameters
*
*g = dsa ? dsa->g : NULL;
}
}
-#endif
-#if !defined(HAVE_DSA_BITS)
/**
* Number of significant DSA bits
*
DSA_get0_pqg(dsa, &p, NULL, NULL);
return p ? BN_num_bits(p) : 0;
}
-#endif
-#if !defined(HAVE_RSA_METH_NEW)
/**
* Allocate a new RSA method object
*
rsa_meth->flags = flags;
return rsa_meth;
}
-#endif
-#if !defined(HAVE_RSA_METH_FREE)
/**
* Free an existing RSA_METHOD object
*
free(meth);
}
}
-#endif
-#if !defined(HAVE_RSA_METH_SET_PUB_ENC)
/**
* Set the public encoding function of an RSA_METHOD object
*
}
return 0;
}
-#endif
-#if !defined(HAVE_RSA_METH_SET_PUB_DEC)
/**
* Set the public decoding function of an RSA_METHOD object
*
}
return 0;
}
-#endif
-#if !defined(HAVE_RSA_METH_SET_PRIV_ENC)
/**
* Set the private encoding function of an RSA_METHOD object
*
}
return 0;
}
-#endif
-#if !defined(HAVE_RSA_METH_SET_PRIV_DEC)
/**
* Set the private decoding function of an RSA_METHOD object
*
}
return 0;
}
-#endif
-#if !defined(HAVE_RSA_METH_SET_INIT)
/**
* Set the init function of an RSA_METHOD object
*
}
return 0;
}
-#endif
-#if !defined (HAVE_RSA_METH_SET_SIGN)
/**
* Set the sign function of an RSA_METHOD object
*
meth->rsa_sign = sign;
return 1;
}
-#endif
-#if !defined(HAVE_RSA_METH_SET_FINISH)
/**
* Set the finish function of an RSA_METHOD object
*
}
return 0;
}
-#endif
-#if !defined(HAVE_RSA_METH_SET0_APP_DATA)
/**
* Set the application data of an RSA_METHOD object
*
}
return 0;
}
-#endif
-#if !defined(HAVE_RSA_METH_GET0_APP_DATA)
/**
* Get the application data of an RSA_METHOD object
*
{
return meth ? meth->app_data : NULL;
}
-#endif
-#if !defined(HAVE_EC_GROUP_ORDER_BITS) && !defined(OPENSSL_NO_EC)
/**
* Gets the number of bits of the order of an EC_GROUP
*
BN_free(order);
return bits;
}
-#endif
/* SSLeay symbols have been renamed in OpenSSL 1.1 */
-#ifndef OPENSSL_VERSION
#define OPENSSL_VERSION SSLEAY_VERSION
-#endif
-
-#ifndef HAVE_OPENSSL_VERSION
#define OpenSSL_version SSLeay_version
-#endif
-#if !defined(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT)
-#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT
-#endif
-
-#ifndef SSL_CTX_get_min_proto_version
/** Return the min SSL protocol version currently enabled in the context.
* If no valid version >= TLS1.0 is found, return 0. */
static inline int
}
return 0;
}
-#endif /* SSL_CTX_get_min_proto_version */
-#ifndef SSL_CTX_get_max_proto_version
/** Return the max SSL protocol version currently enabled in the context.
* If no valid version >= TLS1.0 is found, return 0. */
static inline int
}
return 0;
}
-#endif /* SSL_CTX_get_max_proto_version */
-#ifndef SSL_CTX_set_min_proto_version
/** Mimics SSL_CTX_set_min_proto_version for OpenSSL < 1.1 */
static inline int
SSL_CTX_set_min_proto_version(SSL_CTX *ctx, long tls_ver_min)
return 1;
}
-#endif /* SSL_CTX_set_min_proto_version */
-#ifndef SSL_CTX_set_max_proto_version
/** Mimics SSL_CTX_set_max_proto_version for OpenSSL < 1.1 */
static inline int
SSL_CTX_set_max_proto_version(SSL_CTX *ctx, long tls_ver_max)
return 1;
}
-#endif /* SSL_CTX_set_max_proto_version */
-
+#endif /* if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(ENABLE_CRYPTO_WOLFSSL) */
#endif /* OPENSSL_COMPAT_H_ */
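Review bot: Builds against an OpenSSL 1.1.0 release that lacks the `SSL_CTX_get_min_proto_version` / `SSL_CTX_get_max_proto_version` macros would lose their fallback. The `#ifndef` guards on those names, and on the two setters, are removed in this hunk and the three before it, and all four helpers now sit inside the `< 0x10100000L` block closed by the added `#endif`. I have not verified in which release the getter macros first appeared, so this may be moot. These helpers report and set the TLS version bounds, so I would rather the supported floor be explicit than discovered as a build failure. Either keep the two getters outside the version block under their original `#ifndef SSL_CTX_get_min_proto_version` / `#ifndef SSL_CTX_get_max_proto_version` guards, or add a comment at the closing `#endif` naming the minimum 1.1.0 patch level the project supports. The helper bodies are only partly visible in these hunks.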