wolfssl: require v5.4.0 for AES-GCM

Earlier versions crash while running tests. This patch is part of a series of fixes to make wolfSSL AES-GCM support work together with libssh2. Possibly related is this wolfSSL bugfix patch, released in v5.4.0: wolfSSL/wolfssl#5205 wolfSSL/wolfssl@fb3c611 "Fix another AES-GCM EVP control command issue" Ref: libssh2#1020 Ref: libssh2#1299 Cherry-picked from libssh2#1407 Closes libssh2#1411
agreppin · Jul 14, 2024 · a4a6dff · a4a6dff
1 parent 8c447f7
commit a4a6dff
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/src/openssl.h b/src/openssl.h
@@ -167,8 +167,11 @@
 # define LIBSSH2_AES_CBC 0
 #endif
 
+/* wolfSSL v5.4.0 is required due to possibly this bug:
+   https://github.com/wolfSSL/wolfssl/pull/5205
+   Before this release, all libssh2 tests crash with AES-GCM enabled */
 #if (OPENSSL_VERSION_NUMBER >= 0x01010100fL && !defined(OPENSSL_NO_AES)) || \
-    (defined(LIBSSH2_WOLFSSL) && \
+    (defined(LIBSSH2_WOLFSSL) && LIBWOLFSSL_VERSION_HEX >= 0x05004000 && \
     defined(HAVE_AESGCM) && defined(WOLFSSL_AESGCM_STREAM))
 # define LIBSSH2_AES_GCM 1
 #else