From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Date: Tue, 4 Jan 2022 02:14:18 +0000 (-0600)
Subject: Just use WITH_TLS....
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cb179f2f84b33bc38b8fc1fac2d73995bd7f2d88;p=thirdparty%2Ffreeradius-server.git

Just use WITH_TLS....
---

diff --git a/src/bin/radiusd.c b/src/bin/radiusd.c
index 71a0352a19..59241c5e5a 100644
--- a/src/bin/radiusd.c
+++ b/src/bin/radiusd.c
@@ -74,7 +74,7 @@ RCSID("$Id$")
 #  include <systemd/sd-daemon.h>
 #endif
 
-#if defined(HAVE_OPENSSL_CRYPTO_H) && OPENSSL_VERSION_NUMBER >= 0x30000000L
+#if defined(WITH_TLS) && OPENSSL_VERSION_NUMBER >= 0x30000000L
 #  include <openssl/provider.h>
 #endif
 
@@ -480,7 +480,7 @@ int main(int argc, char *argv[])
 
 	if (rad_check_lib_magic(RADIUSD_MAGIC_NUMBER) < 0) EXIT_WITH_FAILURE;
 
-#ifdef HAVE_OPENSSL_CRYPTO_H
+#ifdef WITH_TLS
 	/*
 	 *  Mismatch between build time OpenSSL and linked SSL, better to die
 	 *  here than segfault later.
@@ -556,7 +556,7 @@ int main(int argc, char *argv[])
 		EXIT_WITH_FAILURE;
 	}
 
-#ifdef HAVE_OPENSSL_CRYPTO_H
+#ifdef WITH_TLS
 	if (fr_tls_dict_init() < 0) {
 		fr_perror("%s", program);
 		EXIT_WITH_FAILURE;
@@ -623,11 +623,11 @@ int main(int argc, char *argv[])
 	/*
 	 *  Check for vulnerabilities in the version of libssl were linked against.
 	 */
-#if defined(HAVE_OPENSSL_CRYPTO_H) && defined(ENABLE_OPENSSL_VERSION_CHECK)
+#if defined(WITH_TLS) && defined(ENABLE_OPENSSL_VERSION_CHECK)
 	if (fr_openssl_version_check(config->allow_vulnerable_openssl) < 0) EXIT_WITH_FAILURE;
 #endif
 
-#ifdef HAVE_OPENSSL_CRYPTO_H
+#ifdef WITH_TLS
 	/*
 	 *  Toggle FIPS mode
 	 */
@@ -1066,7 +1066,7 @@ cleanup:
 	 */
 	unlang_free_global();
 
-#ifdef HAVE_OPENSSL_CRYPTO_H
+#ifdef WITH_TLS
 	fr_openssl_free();		/* Cleanup any memory alloced by OpenSSL and placed into globals */
 #endif
 
diff --git a/src/lib/server/dependency.c b/src/lib/server/dependency.c
index 89b9d35d7d..656fdc6dd6 100644
--- a/src/lib/server/dependency.c
+++ b/src/lib/server/dependency.c
@@ -37,7 +37,7 @@ static CONF_SECTION *default_version_cs;		//!< Default configuration section to
 
 #include <freeradius-devel/tls/openssl_user_macros.h>
 
-#ifdef HAVE_OPENSSL_CRYPTO_H
+#ifdef WITH_TLS
 #  include <freeradius-devel/tls/openssl_user_macros.h>
 #  include <openssl/crypto.h>
 #  include <openssl/opensslv.h>
@@ -264,7 +264,7 @@ char const *ssl_version()
 {
 	return "not linked";
 }
-#endif /* ifdef HAVE_OPENSSL_CRYPTO_H */
+#endif /* ifdef WITH_TLS */
 
 /** Check if the application linking to the library has the correct magic number
  *
diff --git a/src/lib/server/main_config.c b/src/lib/server/main_config.c
index 3face8c972..7de02bbf3d 100644
--- a/src/lib/server/main_config.c
+++ b/src/lib/server/main_config.c
@@ -168,7 +168,7 @@ static const CONF_PARSER thread_config[] = {
 
 	{ FR_CONF_OFFSET("stats_interval", FR_TYPE_TIME_DELTA | FR_TYPE_HIDDEN, main_config_t, stats_interval), },
 
-#ifdef HAVE_OPENSSL_CRYPTO_H
+#ifdef WITH_TLS
 	{ FR_CONF_OFFSET("openssl_async_pool_init", FR_TYPE_SIZE, main_config_t, openssl_async_pool_init), .dflt = "64" },
 	{ FR_CONF_OFFSET("openssl_async_pool_max", FR_TYPE_SIZE, main_config_t, openssl_async_pool_max), .dflt = "1024" },
 #endif
@@ -235,7 +235,7 @@ static const CONF_PARSER security_config[] = {
 	{ FR_CONF_OFFSET("allow_vulnerable_openssl", FR_TYPE_STRING, main_config_t, allow_vulnerable_openssl), .dflt = "no" },
 #endif
 
-#ifdef HAVE_OPENSSL_CRYPTO_H
+#ifdef WITH_TLS
 	{ FR_CONF_OFFSET_IS_SET("openssl_fips_mode", FR_TYPE_BOOL, main_config_t, openssl_fips_mode), .dflt = "no" },
 #endif
 
diff --git a/src/lib/server/main_config.h b/src/lib/server/main_config.h
index 6348b9c6ed..c335052b8d 100644
--- a/src/lib/server/main_config.h
+++ b/src/lib/server/main_config.h
@@ -111,7 +111,7 @@ struct main_config_s {
 	char const	*allow_vulnerable_openssl;	//!< The CVE number of the last security issue acknowledged.
 #endif
 
-#ifdef HAVE_OPENSSL_CRYPTO_H
+#ifdef WITH_TLS
 	bool		openssl_fips_mode;		//!< Whether OpenSSL fips mode is enabled or disabled.
 	bool		openssl_fips_mode_is_set;	//!< Whether the user specified a value.
 
diff --git a/src/modules/rlm_mschap/rlm_mschap.c b/src/modules/rlm_mschap/rlm_mschap.c
index 38dc73c0ec..18723a2c94 100644
--- a/src/modules/rlm_mschap/rlm_mschap.c
+++ b/src/modules/rlm_mschap/rlm_mschap.c
@@ -52,7 +52,7 @@ RCSID("$Id$")
 #include "auth_wbclient.h"
 #endif
 
-#ifdef HAVE_OPENSSL_CRYPTO_H
+#ifdef WITH_TLS
 USES_APPLE_DEPRECATED_API	/* OpenSSL API has been deprecated by Apple */
 #  include <freeradius-devel/tls/openssl_user_macros.h>
 #  include <openssl/rc4.h>
@@ -765,7 +765,7 @@ static int write_all(int fd, char const *buf, int len) {
 
 static int CC_HINT(nonnull (1, 2, 4, 5)) do_mschap_cpw(rlm_mschap_t const *inst,
 						       request_t *request,
-#ifdef HAVE_OPENSSL_CRYPTO_H
+#ifdef WITH_TLS
 						       fr_pair_t *nt_password,
 #else
 						       UNUSED fr_pair_t *nt_password,
@@ -957,7 +957,7 @@ ntlm_auth_err:
 		 *
 		 */
 	} else if (inst->local_cpw) {
-#ifdef HAVE_OPENSSL_CRYPTO_H
+#ifdef WITH_TLS
 		fr_pair_t	*new_pass, *new_hash;
 		uint8_t		*p, *q;
 		char		*x;
diff --git a/src/modules/rlm_sql/drivers/rlm_sql_postgresql/rlm_sql_postgresql.c b/src/modules/rlm_sql/drivers/rlm_sql_postgresql/rlm_sql_postgresql.c
index 67eb7a34ca..99dd9e90c0 100644
--- a/src/modules/rlm_sql/drivers/rlm_sql_postgresql/rlm_sql_postgresql.c
+++ b/src/modules/rlm_sql/drivers/rlm_sql_postgresql/rlm_sql_postgresql.c
@@ -654,7 +654,7 @@ static int mod_instantiate(rlm_sql_config_t const *config, void *instance, CONF_
 
 static int mod_load(void)
 {
-#if defined(HAVE_OPENSSL_CRYPTO_H) && (defined(HAVE_PQINITOPENSSL) || defined(HAVE_PQINITSSL))
+#if defined(WITH_TLS) && (defined(HAVE_PQINITOPENSSL) || defined(HAVE_PQINITSSL))
 #  ifdef HAVE_PQINITOPENSSL
 	PQinitOpenSSL(0, 0);
 #  else