From 8825f7a883ecc6aeda8a17376a87a46ae9193fc7 Mon Sep 17 00:00:00 2001
From: Timo Sirainen <timo.sirainen@dovecot.fi>
Date: Sat, 25 Feb 2017 21:47:01 +0200
Subject: [PATCH] lib-dcrypt: Replace #if OPENSSL_VERSION_NUMBER with more
 explicit checks

---
 configure.ac                    | 12 ++++++++++++
 src/lib-dcrypt/dcrypt-openssl.c | 13 ++++++++-----
 2 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/configure.ac b/configure.ac
index 1f5f3f6416..a4c444726e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1793,6 +1793,18 @@ if test $want_openssl != no && test $have_ssl = no; then
     AC_CHECK_LIB(ssl, ASN1_STRING_get0_data, [
       AC_DEFINE(HAVE_ASN1_STRING_GET0_DATA,, [Build with ASN1_STRING_get0_data() support])
     ],, $SSL_LIBS)
+    AC_CHECK_LIB(ssl, HMAC_CTX_new, [
+      AC_DEFINE(HAVE_HMAC_CTX_NEW,, [Build with HMAC_CTX_new() support])
+    ],, $SSL_LIBS)
+    AC_CHECK_LIB(ssl, EVP_MD_CTX_new, [
+      AC_DEFINE(HAVE_EVP_MD_CTX_NEW,, [Build with EVP_MD_CTX_new() support])
+    ],, $SSL_LIBS)
+    AC_CHECK_LIB(ssl, OBJ_length, [
+      AC_DEFINE(HAVE_OBJ_LENGTH,, [Build with OBJ_length() support])
+    ],, $SSL_LIBS)
+    AC_CHECK_LIB(ssl, EVP_PKEY_get0_RSA, [
+      AC_DEFINE(HAVE_EVP_PKEY_get0,, [Build with EVP_PKEY_get0_*() support])
+    ],, $SSL_LIBS)
     AC_CHECK_LIB(ssl, [EVP_PKEY_CTX_new_id], [have_evp_pkey_ctx_new_id="yes"],, $SSL_LIBS)
     AC_CHECK_LIB(ssl, [EC_KEY_new], [have_ec_key_new="yes"],, $SSL_LIBS)
     if test "$have_evp_pkey_ctx_new_id" = "yes" && test "$have_ec_key_new" = "yes"; then
diff --git a/src/lib-dcrypt/dcrypt-openssl.c b/src/lib-dcrypt/dcrypt-openssl.c
index b3fec86c91..0e1f625a8b 100644
--- a/src/lib-dcrypt/dcrypt-openssl.c
+++ b/src/lib-dcrypt/dcrypt-openssl.c
@@ -69,18 +69,21 @@
   2<tab>key algo oid<tab>1<tab>symmetric algo name<tab>salt<tab>hash algo<tab>rounds<tab>E(RSA = i2d_PrivateKey, EC=Private Point)<tab>key id
 **/
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#ifndef HAVE_EVP_PKEY_get0
 #define EVP_PKEY_get0_EC_KEY(x) x->pkey.ec
 #define EVP_PKEY_get0_RSA(x) x->pkey.rsa
+#endif
+
+#ifndef HAVE_OBJ_LENGTH
 #define OBJ_length(o) ((o)->length)
 #endif
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#ifndef HAVE_EVP_MD_CTX_NEW
 #  define EVP_MD_CTX_new() EVP_MD_CTX_create()
 #  define EVP_MD_CTX_free(ctx) EVP_MD_CTX_destroy(ctx)
 #endif
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#ifndef HAVE_HMAC_CTX_NEW
 #  define HMAC_Init_ex(ctx, key, key_len, md, impl) \
 	HMAC_Init_ex(&(ctx), key, key_len, md, impl)
 #  define HMAC_Update(ctx, data, len) HMAC_Update(&(ctx), data, len)
@@ -108,7 +111,7 @@ struct dcrypt_context_symmetric {
 struct dcrypt_context_hmac {
 	pool_t pool;
 	const EVP_MD *md;
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#ifdef HAVE_HMAC_CTX_NEW
 	HMAC_CTX *ctx;
 #else
 	HMAC_CTX ctx;
@@ -484,7 +487,7 @@ bool dcrypt_openssl_ctx_hmac_init(struct dcrypt_context_hmac *ctx, const char **
 {
 	int ec;
 	i_assert(ctx->md != NULL);
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#ifdef HAVE_HMAC_CTX_NEW
 	ctx->ctx = HMAC_CTX_new();
 	if (ctx->ctx == NULL) return dcrypt_openssl_error(error_r);
 #endif