From: Guus Sliepen <guus@tinc-vpn.org>
Date: Wed, 28 Feb 2018 20:34:48 +0000 (+0100)
Subject: Fix compatibility with LibreSSL and OpenSSL < 1.1.
X-Git-Tag: release-1.1pre16~13
X-Git-Url: https://tinc-vpn.org/git/browse?a=commitdiff_plain;h=7761a6992025ef06bf8dbf88d39a3bf9e459346a;p=tinc

Fix compatibility with LibreSSL and OpenSSL < 1.1.

Closes #184 on GitHub.
---

diff --git a/m4/openssl.m4 b/m4/openssl.m4
index ca9bbb55..0ff939ba 100644
--- a/m4/openssl.m4
+++ b/m4/openssl.m4
@@ -55,4 +55,5 @@ AC_DEFUN([tinc_OPENSSL],
   )
 
   AC_CHECK_FUNCS([BN_GENCB_new ERR_remove_state RSA_set0_key], , , [#include <openssl/rsa.h>])
+  AC_CHECK_FUNCS([HMAC_CTX_new], , , [#include <openssl/hmac.h>])
 ])
diff --git a/src/openssl/digest.c b/src/openssl/digest.c
index d51dcaa9..9569f3cc 100644
--- a/src/openssl/digest.c
+++ b/src/openssl/digest.c
@@ -66,8 +66,13 @@ digest_t *digest_open_by_nid(int nid, int maclength) {
 }
 
 bool digest_set_key(digest_t *digest, const void *key, size_t len) {
+#ifdef HAVE_HMAC_CTX_NEW
 	digest->hmac_ctx = HMAC_CTX_new();
 	HMAC_Init_ex(digest->hmac_ctx, key, len, digest->digest, NULL);
+#else
+	digest->hmac_ctx = xzalloc(sizeof(*digest->hmac_ctx));
+	HMAC_Init(digest->hmac_ctx, key, len, digest->digest);
+#endif
 
 	if(!digest->hmac_ctx) {
 		abort();
@@ -85,10 +90,16 @@ void digest_close(digest_t *digest) {
 		EVP_MD_CTX_destroy(digest->md_ctx);
 	}
 
+#ifdef HAVE_HMAC_CTX_NEW
+
 	if(digest->hmac_ctx) {
 		HMAC_CTX_free(digest->hmac_ctx);
 	}
 
+#else
+	free(digest->hmac_ctx);
+#endif
+
 	free(digest);
 }
 
diff --git a/src/openssl/digest.h b/src/openssl/digest.h
index d553977b..420b11e0 100644
--- a/src/openssl/digest.h
+++ b/src/openssl/digest.h
@@ -21,6 +21,7 @@
 */
 
 #include <openssl/evp.h>
+#include <openssl/hmac.h>
 
 struct digest {
 	const EVP_MD *digest;