[U-Boot] [PATCH] rsa-sign: Fix build against libressl

[Hauke Mehrtens]

Libressl implements the OpenSSL 1.1 API partially and improved the
support with version 2.7. For some code we have to take use the OpenSSL
1.0 API and for some parts the OpenSSL 1.1 API can be used.
This was compile tested against libressl 2.6.4 and 2.7.2.

Signed-off-by: Hauke Mehrtens <hauke at hauke-m.de>
---
 lib/rsa/rsa-sign.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index 1da4ef7fff..b2a4446d83 100644
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -21,7 +21,8 @@
 #define HAVE_ERR_REMOVE_THREAD_STATE
 #endif
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
+    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
 static void RSA_get0_key(const RSA *r,
                  const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
 {
@@ -300,7 +301,8 @@ static int rsa_init(void)
 {
 	int ret;
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
+    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
 	ret = SSL_library_init();
 #else
 	ret = OPENSSL_init_ssl(0, NULL);
@@ -309,7 +311,7 @@ static int rsa_init(void)
 		fprintf(stderr, "Failure to init SSL library\n");
 		return -1;
 	}
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 	SSL_load_error_strings();
 
 	OpenSSL_add_all_algorithms();
@@ -355,7 +357,7 @@ err_set_rsa:
 err_engine_init:
 	ENGINE_free(e);
 err_engine_by_id:
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L ||  defined(LIBRESSL_VERSION_NUMBER)
 	ENGINE_cleanup();
 #endif
 	return ret;
@@ -363,7 +365,7 @@ err_engine_by_id:
 
 static void rsa_remove(void)
 {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 	CRYPTO_cleanup_all_ex_data();
 	ERR_free_strings();
 #ifdef HAVE_ERR_REMOVE_THREAD_STATE
@@ -433,7 +435,8 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo,
 		ret = rsa_err("Could not obtain signature");
 		goto err_sign;
 	}
-	#if OPENSSL_VERSION_NUMBER < 0x10100000L
+	#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
+	    defined(LIBRESSL_VERSION_NUMBER)
 		EVP_MD_CTX_cleanup(context);
 	#else
 		EVP_MD_CTX_reset(context);
-- 
2.11.0