Merge /httpd/httpd/trunk:r1890001

mod_md: the better libressl fix for unsupported EC key types.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1890002 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/modules/md/md_crypt.c b/modules/md/md_crypt.c
index 6f3ee7b077fdd318c74e5704ed1b0c164ea90917..3992c6b12e3c6810d96d99071964e0579e92e2e0 100644 (file)
--- a/modules/md/md_crypt.c
+++ b/modules/md/md_crypt.c
@@ -71,11 +71,6 @@
 #include <openssl/ct.h>
 #endif
 
-#if defined(LIBRESSL_VERSION_NUMBER)
-#define EVP_PKEY_X25519 NID_X25519
-#define EVP_PKEY_X448 NID_X448
-#endif
-
 static int initialized;
 
 struct md_pkey_t {
@@ -802,7 +797,7 @@ static apr_status_t gen_ec(md_pkey_t **ppkey, apr_pool_t *p, const char *curve)
         curve_nid = NID_X9_62_prime192v1;
     }
 #endif
-#ifdef NID_X25519
+#if defined(NID_X25519) && !defined(LIBRESSL_VERSION_NUMBER)
     if (NID_undef == curve_nid && !apr_strnatcasecmp("X25519", curve)) {
         curve_nid = NID_X25519;
     }
@@ -819,7 +814,7 @@ static apr_status_t gen_ec(md_pkey_t **ppkey, apr_pool_t *p, const char *curve)
     *ppkey = make_pkey(p);
     switch (curve_nid) {
 
-#ifdef NID_X25519
+#if defined(NID_X25519) && !defined(LIBRESSL_VERSION_NUMBER)
     case NID_X25519:
         /* no parameters */
         if (NULL == (ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL))
@@ -833,7 +828,7 @@ static apr_status_t gen_ec(md_pkey_t **ppkey, apr_pool_t *p, const char *curve)
         break;
 #endif
 
-#ifdef NID_X448
+#if defined(NID_X448) && !defined(LIBRESSL_VERSION_NUMBER)
     case NID_X448:
         /* no parameters */
         if (NULL == (ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X448, NULL))