Overview

File 0668-crypto-Disable-EVP-HMAC-on-openssl-versions-1.0.2.patch of Package erlang

From f0372c3f4be45815e0c5f5ca28dde111206c9816 Mon Sep 17 00:00:00 2001
From: Hans Nilsson <hans@erlang.org>
Date: Thu, 26 Nov 2020 14:18:03 +0100
Subject: [PATCH 4/4] crypto: Disable EVP HMAC on openssl versions <1.0.2

---
 lib/crypto/c_src/openssl_config.h | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/lib/crypto/c_src/openssl_config.h b/lib/crypto/c_src/openssl_config.h
index 7a04031cdb..cf63bd6051 100644
--- a/lib/crypto/c_src/openssl_config.h
+++ b/lib/crypto/c_src/openssl_config.h
@@ -109,14 +109,6 @@
 #ifndef HAS_LIBRESSL
 # if OPENSSL_VERSION_NUMBER >= PACKED_OPENSSL_VERSION_PLAIN(1,0,0)
 #  define HAS_EVP_PKEY_CTX
-#  if OPENSSL_VERSION_NUMBER < PACKED_OPENSSL_VERSION_PLAIN(1,0,2) \
-    && (! DISABLE_EVP_DH)
-     /* Diffie-Hellman EVP is slow on antique crypto libs
-      * DISABLE_EVP_DH is 0 or 1 from the configure script
-      */
-#    undef  DISABLE_EVP_DH
-#    define DISABLE_EVP_DH 1
-#  endif
 #  define HAVE_EVP_CIPHER_CTX_COPY
 # endif
 
@@ -127,6 +119,16 @@
 # endif
 #endif
 
+#if defined(HAS_EVP_PKEY_CTX) \
+    && OPENSSL_VERSION_NUMBER < PACKED_OPENSSL_VERSION_PLAIN(1,0,2)
+     /* EVP is slow on antique crypto libs.
+      * DISABLE_EVP_* is 0 or 1 from the configure script
+      */
+# undef  DISABLE_EVP_DH
+# define DISABLE_EVP_DH 1
+# undef  DISABLE_EVP_HMAC
+# define DISABLE_EVP_HMAC 1
+#endif
 
 #if OPENSSL_VERSION_NUMBER >= PACKED_OPENSSL_VERSION_PLAIN(1,0,0)
 #include <openssl/modes.h>
-- 
2.26.2
openSUSE Build Service is sponsored by
Places