path: root/main/strongswan/libressl.patch

diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_crl.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_crl.c
--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_crl.c	2016-06-30 17:20:10.000000000 +0300
+++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_crl.c	2016-11-07 09:43:34.386040269 +0200
@@ -46,7 +46,7 @@
 #include <collections/enumerator.h>
 #include <credentials/certificates/x509.h>
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 static inline void X509_CRL_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, const X509_CRL *crl) {
 	if (psig) { *psig = crl->signature; }
 	if (palg) { *palg = crl->sig_alg; }
@@ -281,7 +281,7 @@
 		return FALSE;
 	}
 	/* i2d_re_X509_CRL_tbs() was added with 1.1.0 when X509_CRL became opaque */
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 	tbs = openssl_i2chunk(re_X509_CRL_tbs, this->crl);
 #else
 	tbs = openssl_i2chunk(X509_CRL_INFO, this->crl->crl);
@@ -524,7 +524,7 @@
 
 	X509_CRL_get0_signature(NULL, &alg, this->crl);
 	X509_ALGOR_get0(&oid, NULL, NULL, alg);
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 	if (!chunk_equals(
 			openssl_asn1_obj2chunk(this->crl->crl->sig_alg->algorithm),
 			openssl_asn1_obj2chunk(this->crl->sig_alg->algorithm)))
diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c	2016-06-30 17:20:10.000000000 +0300
+++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c	2016-11-07 09:43:49.292891861 +0200
@@ -27,7 +27,7 @@
 #include <utils/debug.h>
 
 /* these were added with 1.1.0 when DH was made opaque */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 OPENSSL_KEY_FALLBACK(DH, key, pub_key, priv_key)
 OPENSSL_KEY_FALLBACK(DH, pqg, p, q, g)
 #define DH_set_length(dh, len) ({ (dh)->length = len; 1; })
diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c	2016-10-08 15:17:09.000000000 +0300
+++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c	2016-11-07 09:43:54.582957491 +0200
@@ -28,7 +28,7 @@
 #include <openssl/ecdsa.h>
 #include <openssl/x509.h>
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 OPENSSL_KEY_FALLBACK(ECDSA_SIG, r, s)
 #endif
 
diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c	2016-06-30 17:20:10.000000000 +0300
+++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c	2016-11-07 09:43:58.653007980 +0200
@@ -27,7 +27,7 @@
 #include <openssl/ecdsa.h>
 #include <openssl/x509.h>
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 OPENSSL_KEY_FALLBACK(ECDSA_SIG, r, s)
 #endif
 
diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_hmac.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_hmac.c
--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_hmac.c	2016-06-30 17:20:10.000000000 +0300
+++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_hmac.c	2016-11-07 09:44:46.043595875 +0200
@@ -70,7 +70,7 @@
 	 */
 	HMAC_CTX *hmac;
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 	/**
 	 * Static context for OpenSSL < 1.1.0
 	 */
@@ -140,7 +140,7 @@
 METHOD(mac_t, destroy, void,
 	private_mac_t *this)
 {
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 	HMAC_CTX_free(this->hmac);
 #else
 	HMAC_CTX_cleanup(&this->hmac_ctx);
@@ -178,7 +178,7 @@
 		return NULL;
 	}
 
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 	this->hmac = HMAC_CTX_new();
 #else
 	HMAC_CTX_init(&this->hmac_ctx);
diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_pkcs7.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_pkcs7.c
--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_pkcs7.c	2016-07-08 11:57:18.000000000 +0300
+++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_pkcs7.c	2016-11-07 09:44:58.337081716 +0200
@@ -29,7 +29,7 @@
 
 #include <openssl/cms.h>
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 #define X509_ATTRIBUTE_get0_object(attr) ({ (attr)->object; })
 #endif
 
diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_plugin.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_plugin.c
--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_plugin.c	2016-10-08 15:17:09.000000000 +0300
+++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_plugin.c	2016-11-07 09:45:31.187489232 +0200
@@ -68,7 +68,7 @@
 /**
  * OpenSSL is thread-safe since 1.1.0
  */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 
 /**
  * Array of static mutexs, with CRYPTO_num_locks() mutex
@@ -568,7 +568,7 @@
 /* OpenSSL 1.1.0 cleans up itself at exit and while OPENSSL_cleanup() exists we
  * can't call it as we couldn't re-initialize the library (as required by the
  * unit tests and the Android app) */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 #ifndef OPENSSL_IS_BORINGSSL
 	CONF_modules_free();
 	OBJ_cleanup();
@@ -623,7 +623,7 @@
 		},
 	);
 
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 	/* note that we can't call OPENSSL_cleanup() when the plugin is destroyed
 	 * as we couldn't initialize the library again afterwards */
 	OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG |
diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c	2016-10-08 15:17:09.000000000 +0300
+++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c	2016-11-07 09:45:57.407814497 +0200
@@ -36,7 +36,7 @@
  */
 #define PUBLIC_EXPONENT 0x10001
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 OPENSSL_KEY_FALLBACK(RSA, key, n, e, d)
 OPENSSL_KEY_FALLBACK(RSA, factors, p, q)
 OPENSSL_KEY_FALLBACK(RSA, crt_params, dmp1, dmq1, iqmp)
diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c	2016-09-27 11:40:31.000000000 +0300
+++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c	2016-11-07 09:46:02.771214366 +0200
@@ -28,7 +28,7 @@
 #include <openssl/rsa.h>
 #include <openssl/x509.h>
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 OPENSSL_KEY_FALLBACK(RSA, key, n, e, d)
 #endif
 
diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_util.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_util.c
--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_util.c	2016-06-30 17:20:10.000000000 +0300
+++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_util.c	2016-11-07 09:46:15.918044119 +0200
@@ -23,7 +23,7 @@
 #include <openssl/x509.h>
 
 /* these were added with 1.1.0 when ASN1_OBJECT was made opaque */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 #define OBJ_get0_data(o) ((o)->data)
 #define OBJ_length(o) ((o)->length)
 #endif
diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_x509.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_x509.c
--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_x509.c	2016-06-30 17:20:10.000000000 +0300
+++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_x509.c	2016-11-07 09:46:51.818489485 +0200
@@ -61,7 +61,7 @@
 #endif
 
 /* added with 1.0.2 */
-#if OPENSSL_VERSION_NUMBER < 0x10002000L
+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
 static inline void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, const X509 *x) {
 	if (psig) { *psig = x->signature; }
 	if (palg) { *palg = x->sig_alg; }
@@ -69,7 +69,7 @@
 #endif
 
 /* added with 1.1.0 when X509 etc. was made opaque */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 #define X509_get0_extensions(x509) ({ (x509)->cert_info->extensions; })
 #define X509_get0_tbs_sigalg(x509) ({ (x509)->cert_info->signature; })
 #define X509_ALGOR_get0(oid, ppt, ppv, alg) ({ *(oid) = (alg)->algorithm; })
@@ -434,7 +434,7 @@
 		return FALSE;
 	}
 	/* i2d_re_X509_tbs() was added with 1.1.0 when X509 was made opaque */
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 	tbs = openssl_i2chunk(re_X509_tbs, this->x509);
 #else
 	tbs = openssl_i2chunk(X509_CINF, this->x509->cert_info);