openssl: define HAVE_OPENSSL_VERSION for OpenSSL 1.1.0+

Prior to this change OpenSSL_version was only detected in configure builds. For other builds the old version parsing code was used which would result in incorrect versioning for OpenSSL 3: Before: curl 7.80.0 (i386-pc-win32) libcurl/7.80.0 OpenSSL/3.0.0a zlib/1.2.11 WinIDN libssh2/1.9.0 After: curl 7.80.0 (i386-pc-win32) libcurl/7.80.0 OpenSSL/3.0.1 zlib/1.2.11 WinIDN libssh2/1.9.0 Reported-by: lllaffer@users.noreply.github.com Fixes https://github.com/curl/curl/issues/8154 Closes https://github.com/curl/curl/pull/8155
2021-12-15 14:45:34 -05:00 · 2021-12-15 14:45:34 -05:00 · 79d6057f1b
commit 79d6057f1b
parent cb26b2c7a7
2 changed files with 15 additions and 11 deletions
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@ -246,6 +246,13 @@
 #define HAVE_RANDOM_INIT_BY_DEFAULT 1
 #endif

+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
+    !(defined(LIBRESSL_VERSION_NUMBER) && \
+      LIBRESSL_VERSION_NUMBER < 0x2070100fL) && \
+    !defined(OPENSSL_IS_BORINGSSL)
+#define HAVE_OPENSSL_VERSION
+#endif
+
 struct ssl_backend_data {
  struct Curl_easy *logger; /* transfer handle to pass trace logs to, only
                               using sockindex 0 */
@ -4396,13 +4403,7 @@ static ssize_t ossl_recv(struct Curl_easy *data,   /* transfer */
 static size_t ossl_version(char *buffer, size_t size)
 {
 #ifdef LIBRESSL_VERSION_NUMBER
-#if LIBRESSL_VERSION_NUMBER < 0x2070100fL
-  return msnprintf(buffer, size, "%s/%lx.%lx.%lx",
-                   OSSL_PACKAGE,
-                   (LIBRESSL_VERSION_NUMBER>>28)&0xf,
-                   (LIBRESSL_VERSION_NUMBER>>20)&0xff,
-                   (LIBRESSL_VERSION_NUMBER>>12)&0xff);
-#else /* OpenSSL_version() first appeared in LibreSSL 2.7.1 */
+#ifdef HAVE_OPENSSL_VERSION
  char *p;
  int count;
  const char *ver = OpenSSL_version(OPENSSL_VERSION);
@ -4416,6 +4417,12 @@ static size_t ossl_version(char *buffer, size_t size)
      *p = '_';
  }
  return count;
+#else
+  return msnprintf(buffer, size, "%s/%lx.%lx.%lx",
+                   OSSL_PACKAGE,
+                   (LIBRESSL_VERSION_NUMBER>>28)&0xf,
+                   (LIBRESSL_VERSION_NUMBER>>20)&0xff,
+                   (LIBRESSL_VERSION_NUMBER>>12)&0xff);
 #endif
 #elif defined(OPENSSL_IS_BORINGSSL)
  return msnprintf(buffer, size, OSSL_PACKAGE);
--- a/m4/curl-openssl.m4
+++ b/m4/curl-openssl.m4
@ -535,11 +535,8 @@ if test "x$OPT_OPENSSL" != xno; then

  if test X"$OPENSSL_ENABLED" = X"1"; then
    dnl These can only exist if OpenSSL exists
-    dnl OpenSSL_version is introduced in 3.0.0

-    AC_CHECK_FUNCS( RAND_egd \
-                    SSLv2_client_method \
-                    OpenSSL_version )
+    AC_CHECK_FUNCS( RAND_egd )

    AC_MSG_CHECKING([for BoringSSL])
    AC_COMPILE_IFELSE([