aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls
diff options
context:
space:
mode:
authorJay Satiro <raysatiro@yahoo.com>2018-03-24 00:57:42 -0400
committerJay Satiro <raysatiro@yahoo.com>2019-12-01 18:56:24 -0500
commit0436d4438a9dbfd5dc1364de31281505c7915b25 (patch)
treea0ff9153503ade1b3cc8c8930bb3113b2173afc3 /lib/vtls
parent5b22e1a5a9966036f087de8f58af449975400e58 (diff)
openssl: retrieve reported LibreSSL version at runtime
- Retrieve LibreSSL runtime version when supported (>= 2.7.1). For earlier versions we continue to use the compile-time version. Ref: https://man.openbsd.org/OPENSSL_VERSION_NUMBER.3 Closes https://github.com/curl/curl/pull/2425
Diffstat (limited to 'lib/vtls')
-rw-r--r--lib/vtls/openssl.c30
1 files changed, 24 insertions, 6 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index e5bd9d604..32d0e449e 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -142,10 +142,6 @@
#endif
#endif
-#ifdef LIBRESSL_VERSION_NUMBER
-#define OpenSSL_version_num() LIBRESSL_VERSION_NUMBER
-#endif
-
#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) && /* 1.0.2 or later */ \
!(defined(LIBRESSL_VERSION_NUMBER) && \
LIBRESSL_VERSION_NUMBER < 0x20700000L)
@@ -3975,13 +3971,35 @@ static ssize_t ossl_recv(struct connectdata *conn, /* connection data */
static size_t Curl_ossl_version(char *buffer, size_t size)
{
-#ifdef OPENSSL_IS_BORINGSSL
+#ifdef LIBRESSL_VERSION_NUMBER
+#if LIBRESSL_VERSION_NUMBER < 0x2070100fL
+ return msnprintf(buffer, size, "%s/%lx.%lx.%lx",
+ OSSL_PACKAGE,
+ (LIBRESSL_VERSION_NUMBER>>28)&0xf,
+ (LIBRESSL_VERSION_NUMBER>>20)&0xff,
+ (LIBRESSL_VERSION_NUMBER>>12)&0xff);
+#else /* OpenSSL_version() first appeared in LibreSSL 2.7.1 */
+ char *p;
+ int count;
+ const char *ver = OpenSSL_version(OPENSSL_VERSION);
+ const char expected[] = OSSL_PACKAGE " "; /* ie "LibreSSL " */
+ if(Curl_strncasecompare(ver, expected, sizeof(expected) - 1)) {
+ ver += sizeof(expected) - 1;
+ }
+ count = msnprintf(buffer, size, "%s/%s", OSSL_PACKAGE, ver);
+ for(p = buffer; *p; ++p) {
+ if(ISSPACE(*p))
+ *p = '_';
+ }
+ return count;
+#endif
+#elif defined(OPENSSL_IS_BORINGSSL)
return msnprintf(buffer, size, OSSL_PACKAGE);
#elif defined(HAVE_OPENSSL_VERSION) && defined(OPENSSL_VERSION_STRING)
return msnprintf(buffer, size, "%s/%s",
OSSL_PACKAGE, OpenSSL_version(OPENSSL_VERSION_STRING));
#else
- /* not BoringSSL and not using OpenSSL_version */
+ /* not LibreSSL, BoringSSL and not using OpenSSL_version */
char sub[3];
unsigned long ssleay_value;