From patchwork Tue Jan 21 20:09:27 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ben Greear <greearb@candelatech.com>
X-Patchwork-Id: 1226750
Return-Path: 
 <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=none (no SPF record)
	smtp.mailfrom=lists.infradead.org
	(client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org;
	envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none)
	header.from=candelatech.com
Authentication-Results: ozlabs.org; dkim=pass (2048-bit key;
	unprotected) header.d=lists.infradead.org
	header.i=@lists.infradead.org header.a=rsa-sha256
	header.s=bombadil.20170209 header.b=X4JVVi7y;
	dkim=fail reason="signature verification failed" (1024-bit key;
	unprotected) header.d=candelatech.com header.i=@candelatech.com
	header.a=rsa-sha256 header.s=default header.b=Dl4oKoka;
	dkim-atps=neutral
Received: from bombadil.infradead.org (bombadil.infradead.org
	[IPv6:2607:7c80:54:e::133])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	key-exchange X25519 server-signature RSA-PSS (4096 bits)
	server-digest SHA256) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 482KQ64jt1z9sRG
	for <incoming@patchwork.ozlabs.org>;
	Wed, 22 Jan 2020 07:09:50 +1100 (AEDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20170209; h=Sender:
	Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe:
	List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References:
	In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID:
	Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
	:Resent-Message-ID:List-Owner;
	bh=YJRwCtPN9BXG/42RGbUgIfQ/unqDSH8w95q8ecdLVsA=;
	b=X4JVVi7y16IhCwIhR9GWDAMK86
	8LUX1eswQ1/MLWIB+YPfOxyZv5+G0+tIJd87N/zpge3/yX6I35YDkWxsk/xnea3tHg5sdJLMZxhsA
	qe5S9ljF2Eq2iUVJCdVKhvnfZzLP7Tc1c62gMAeiV4OkmUjmYhcaNwd5VmG6IR8TsKirRNc0zWpea
	RbfBn3FOCZsGLy/OnHPqSFQVBy83aCVYy3HQi8583t6hxVDNDbkYaSpJeMemaiDqVcmSmcHqXYI3/
	OU+YoHVP/0HE5qivzX8nbVs/gjmbJ65yIyzEtsJEPnB6uu6nRlYCteLLQq2jOL+s/REZPM8T+MT1O
	SiNji4pg==;
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1itzqM-0006EW-00; Tue, 21 Jan 2020 20:09:46 +0000
Received: from mail2.candelatech.com ([208.74.158.173]
	helo=mail3.candelatech.com)
	by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1itzqC-000675-2L
	for hostap@lists.infradead.org; Tue, 21 Jan 2020 20:09:40 +0000
Received: from v-f24-64.candelatech.com
	(50-251-239-81-static.hfc.comcastbusiness.net [50.251.239.81])
	by mail3.candelatech.com (Postfix) with ESMTP id 41987105C;
	Tue, 21 Jan 2020 12:09:35 -0800 (PST)
DKIM-Filter: OpenDKIM Filter v2.11.0 mail3.candelatech.com 41987105C
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=candelatech.com;
	s=default; t=1579637375;
	bh=qhBDsBYcus6t3vnEH4yexrtHluHeahizcib4lG6PsfE=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=Dl4oKokavQin9KB+xxvv8yP7Gm6NHh11eNak2HioXcEOGmUmphLqTKTkhoDpYSXLu
	xJSiRvJeY3wRthl+2bZ7IDUgvzhQlNl03Gd8ezamK0FN7ytjxIGjJpqyCGS5XNykA2
	IRyiZeC1ks6PBN05i6TX+RSVU+QpeuFEGSWIeCXE=
From: greearb@candelatech.com
To: hostap@lists.infradead.org
Subject: [PATCH 2/2] Fix tls_openssl compile on systems with OpenSSL 1.0
	installed.
Date: Tue, 21 Jan 2020 12:09:27 -0800
Message-Id: <1579637367-14080-2-git-send-email-greearb@candelatech.com>
X-Mailer: git-send-email 2.7.5
In-Reply-To: <1579637367-14080-1-git-send-email-greearb@candelatech.com>
References: <1579637367-14080-1-git-send-email-greearb@candelatech.com>
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20200121_120936_138200_44ACE05A 
X-CRM114-Status: UNSURE (   8.25  )
X-CRM114-Notice: Please train this message.
X-Spam-Score: -0.2 (/)
X-Spam-Report: SpamAssassin version 3.4.3 on bombadil.infradead.org summary:
	Content analysis details:   (-0.2 points)
	pts rule name              description
	---- ----------------------
	--------------------------------------------------
	0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
	-0.0 SPF_PASS               SPF: sender matches SPF record
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
	envelope-from domain
	-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	author's domain
X-BeenThere: hostap@lists.infradead.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <hostap.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/hostap>,
	<mailto:hostap-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/hostap/>
List-Post: <mailto:hostap@lists.infradead.org>
List-Help: <mailto:hostap-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/hostap>,
	<mailto:hostap-request@lists.infradead.org?subject=subscribe>
Cc: Ben Greear <greearb@candelatech.com>
MIME-Version: 1.0
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

From: Ben Greear <greearb@candelatech.com>

This lets me compile once more on Fedora 17 and other older
systems.

Signed-off-by: Ben Greear <greearb@candelatech.com>
---
 src/crypto/tls_openssl.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 9d11c8a..3fb29e3 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -2682,6 +2682,7 @@ static int tls_connection_ca_cert(struct tls_data *data,
 				      (const unsigned char **) &ca_cert_blob,
 				      ca_cert_blob_len);
 		if (cert == NULL) {
+#if OPENSSL_VERSION_NUMBER >= 0x10200000L
 			BIO *bio = BIO_new_mem_buf(ca_cert_blob,
 						   ca_cert_blob_len);
 
@@ -2699,6 +2700,11 @@ static int tls_connection_ca_cert(struct tls_data *data,
 			while (ERR_get_error()) {
 				/* Ignore errors from DER conversion. */
 			}
+#else
+			tls_show_errors(MSG_WARNING, __func__,
+					"Failed to parse ca_cert_blob");
+			return -1;
+#endif
 		}
 
 		if (!X509_STORE_add_cert(SSL_CTX_get_cert_store(ssl_ctx),
@@ -5253,6 +5259,7 @@ static void openssl_debug_dump_cipher_list(SSL_CTX *ssl_ctx)
 
 
 #if !defined(LIBRESSL_VERSION_NUMBER) && !defined(BORINGSSL_API_VERSION)
+#if OPENSSL_VERSION_NUMBER >= 0x10200000L
 
 static const char * openssl_pkey_type_str(const EVP_PKEY *pkey)
 {
@@ -5312,11 +5319,13 @@ static void openssl_debug_dump_certificates(SSL_CTX *ssl_ctx)
 }
 
 #endif
+#endif
 
 
 static void openssl_debug_dump_certificate_chains(SSL_CTX *ssl_ctx)
 {
 #if !defined(LIBRESSL_VERSION_NUMBER) && !defined(BORINGSSL_API_VERSION)
+#if OPENSSL_VERSION_NUMBER >= 0x10200000L
 	int res;
 
 	for (res = SSL_CTX_set_current_cert(ssl_ctx, SSL_CERT_SET_FIRST);
@@ -5326,6 +5335,7 @@ static void openssl_debug_dump_certificate_chains(SSL_CTX *ssl_ctx)
 
 	SSL_CTX_set_current_cert(ssl_ctx, SSL_CERT_SET_FIRST);
 #endif
+#endif
 }
 
 
@@ -5660,6 +5670,10 @@ u16 tls_connection_get_cipher_suite(struct tls_connection *conn)
 #if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
 	return SSL_CIPHER_get_protocol_id(cipher);
 #else
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+	return cipher->id & 0XFFFF;
+#else
 	return SSL_CIPHER_get_id(cipher) & 0xFFFF;
 #endif
+#endif
 }