From f2e88b169ffb8466e4e736e7615b7b3e5d92f3fc Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 20 Feb 2025 11:49:37 +0100
Subject: [PATCH] leak-detective: Whitelist OpenSSL 3.5 functions

---
 src/libstrongswan/utils/leak_detective.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c
index 4568bcda2f..999c391670 100644
--- a/src/libstrongswan/utils/leak_detective.c
+++ b/src/libstrongswan/utils/leak_detective.c
@@ -616,6 +616,7 @@ static char *whitelist[] = {
 	"EVP_ASYM_CIPHER_fetch",
 	"EVP_CIPHER_fetch",
 	"EVP_KDF_fetch",
+	"EVP_KEM_fetch",
 	"EVP_KEYEXCH_fetch",
 	"EVP_KEYMGMT_do_all_provided",
 	"EVP_KEYMGMT_fetch",
@@ -629,6 +630,9 @@ static char *whitelist[] = {
 	"OSSL_PROVIDER_load",
 	"RAND_get0_private",
 	"RAND_get0_public",
+	"RAND_priv_bytes",
+	"RAND_priv_bytes_ex",
+	"RAND_bytes_ex",
 	/* We get this via libcurl and OpenSSL 1.1.1 */
 	"CRYPTO_get_ex_new_index",
 	/* OpenSSL libssl */
-- 
2.47.2