From: Johannes Nixdorf <johannes@nixdorf.dev>
Date: Mon, 3 Nov 2025 15:15:43 +0000 (+0100)
Subject: LibreSSL: Fix compilation against LibreSSL >= 4.2.0
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d422b5ad51177a52a4c4b1c8de3c1cb5c7304a45;p=thirdparty%2Fhostap.git

LibreSSL: Fix compilation against LibreSSL >= 4.2.0

The type for the callback function in SSL_set_session_secret_cb() was
changed following the newer OpenSSL and BoringSSL scheme. Fix this by
adding the new LibreSSL version to the existing versions checks.

Signed-off-by: Johannes Nixdorf <johannes@nixdorf.dev>
---

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index f172241b4..2f51b37ef 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -5986,7 +5986,9 @@ int tls_global_set_params(void *tls_ctx,
  * commented out unless explicitly needed for EAP-FAST in order to be able to
  * build this file with unmodified openssl. */
 
-#if (defined(OPENSSL_IS_BORINGSSL) || OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER)
+#if (defined(OPENSSL_IS_BORINGSSL) || \
+     (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || \
+     LIBRESSL_VERSION_NUMBER >= 0x4020000fL)
 static int tls_sess_sec_cb(SSL *s, void *secret, int *secret_len,
 			   STACK_OF(SSL_CIPHER) *peer_ciphers,
 			   const SSL_CIPHER **cipher, void *arg)