diff options
| author | Jay Satiro <raysatiro@yahoo.com> | 2021-12-15 14:45:34 -0500 |
|---|---|---|
| committer | Jay Satiro <raysatiro@yahoo.com> | 2021-12-16 13:49:52 -0500 |
| commit | 79d6057f1bb4e24b3d86102e27a64693af1eafff (patch) | |
| tree | 3521ecf681943782f76cba29e606df388c49f564 | |
| parent | cb26b2c7a7622946e9c40f60cb2915d362a0d651 (diff) | |
| download | curl-79d6057f1bb4e24b3d86102e27a64693af1eafff.tar.gz | |
openssl: define HAVE_OPENSSL_VERSION for OpenSSL 1.1.0+
Prior to this change OpenSSL_version was only detected in configure
builds. For other builds the old version parsing code was used which
would result in incorrect versioning for OpenSSL 3:
Before:
curl 7.80.0 (i386-pc-win32) libcurl/7.80.0 OpenSSL/3.0.0a zlib/1.2.11
WinIDN libssh2/1.9.0
After:
curl 7.80.0 (i386-pc-win32) libcurl/7.80.0 OpenSSL/3.0.1 zlib/1.2.11
WinIDN libssh2/1.9.0
Reported-by: lllaffer@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/8154
Closes https://github.com/curl/curl/pull/8155
| -rw-r--r-- | lib/vtls/openssl.c | 21 | ||||
| -rw-r--r-- | m4/curl-openssl.m4 | 5 |
2 files changed, 15 insertions, 11 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 94bfb57e7..8fce068e4 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -246,6 +246,13 @@ #define HAVE_RANDOM_INIT_BY_DEFAULT 1 #endif +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \ + !(defined(LIBRESSL_VERSION_NUMBER) && \ + LIBRESSL_VERSION_NUMBER < 0x2070100fL) && \ + !defined(OPENSSL_IS_BORINGSSL) +#define HAVE_OPENSSL_VERSION +#endif + struct ssl_backend_data { struct Curl_easy *logger; /* transfer handle to pass trace logs to, only using sockindex 0 */ @@ -4396,13 +4403,7 @@ static ssize_t ossl_recv(struct Curl_easy *data, /* transfer */ static size_t ossl_version(char *buffer, size_t size) { #ifdef LIBRESSL_VERSION_NUMBER -#if LIBRESSL_VERSION_NUMBER < 0x2070100fL - return msnprintf(buffer, size, "%s/%lx.%lx.%lx", - OSSL_PACKAGE, - (LIBRESSL_VERSION_NUMBER>>28)&0xf, - (LIBRESSL_VERSION_NUMBER>>20)&0xff, - (LIBRESSL_VERSION_NUMBER>>12)&0xff); -#else /* OpenSSL_version() first appeared in LibreSSL 2.7.1 */ +#ifdef HAVE_OPENSSL_VERSION char *p; int count; const char *ver = OpenSSL_version(OPENSSL_VERSION); @@ -4416,6 +4417,12 @@ static size_t ossl_version(char *buffer, size_t size) *p = '_'; } return count; +#else + return msnprintf(buffer, size, "%s/%lx.%lx.%lx", + OSSL_PACKAGE, + (LIBRESSL_VERSION_NUMBER>>28)&0xf, + (LIBRESSL_VERSION_NUMBER>>20)&0xff, + (LIBRESSL_VERSION_NUMBER>>12)&0xff); #endif #elif defined(OPENSSL_IS_BORINGSSL) return msnprintf(buffer, size, OSSL_PACKAGE); diff --git a/m4/curl-openssl.m4 b/m4/curl-openssl.m4 index 5309f33d2..ee23c9d6f 100644 --- a/m4/curl-openssl.m4 +++ b/m4/curl-openssl.m4 @@ -535,11 +535,8 @@ if test "x$OPT_OPENSSL" != xno; then if test X"$OPENSSL_ENABLED" = X"1"; then dnl These can only exist if OpenSSL exists - dnl OpenSSL_version is introduced in 3.0.0 - AC_CHECK_FUNCS( RAND_egd \ - SSLv2_client_method \ - OpenSSL_version ) + AC_CHECK_FUNCS( RAND_egd ) AC_MSG_CHECKING([for BoringSSL]) AC_COMPILE_IFELSE([ |