Fix compatibility with LibreSSL and OpenSSL < 1.1.

Closes #184 on GitHub.

diff --git a/m4/openssl.m4 b/m4/openssl.m4
index ca9bbb5..0ff939b 100644 (file)
--- a/m4/openssl.m4
+++ b/m4/openssl.m4
@@ -55,4 +55,5 @@ AC_DEFUN([tinc_OPENSSL],
   )
 
   AC_CHECK_FUNCS([BN_GENCB_new ERR_remove_state RSA_set0_key], , , [#include <openssl/rsa.h>])
+  AC_CHECK_FUNCS([HMAC_CTX_new], , , [#include <openssl/hmac.h>])
 ])

diff --git a/src/openssl/digest.c b/src/openssl/digest.c
index d51dcaa..9569f3c 100644 (file)
--- a/src/openssl/digest.c
+++ b/src/openssl/digest.c
@@ -66,8 +66,13 @@ digest_t *digest_open_by_nid(int nid, int maclength) {
 }
 
 bool digest_set_key(digest_t *digest, const void *key, size_t len) {
+#ifdef HAVE_HMAC_CTX_NEW
        digest->hmac_ctx = HMAC_CTX_new();
        HMAC_Init_ex(digest->hmac_ctx, key, len, digest->digest, NULL);
+#else
+       digest->hmac_ctx = xzalloc(sizeof(*digest->hmac_ctx));
+       HMAC_Init(digest->hmac_ctx, key, len, digest->digest);
+#endif
 
        if(!digest->hmac_ctx) {
                abort();
@@ -85,10 +90,16 @@ void digest_close(digest_t *digest) {
                EVP_MD_CTX_destroy(digest->md_ctx);
        }
 
+#ifdef HAVE_HMAC_CTX_NEW
+
        if(digest->hmac_ctx) {
                HMAC_CTX_free(digest->hmac_ctx);
        }
 
+#else
+       free(digest->hmac_ctx);
+#endif
+
        free(digest);
 }
 

diff --git a/src/openssl/digest.h b/src/openssl/digest.h
index d553977..420b11e 100644 (file)
--- a/src/openssl/digest.h
+++ b/src/openssl/digest.h
@@ -21,6 +21,7 @@
 */
 
 #include <openssl/evp.h>
+#include <openssl/hmac.h>
 
 struct digest {
        const EVP_MD *digest;