diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_crl.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_crl.c --- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_crl.c 2016-06-30 17:20:10.000000000 +0300 +++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_crl.c 2016-11-07 09:43:34.386040269 +0200 @@ -46,7 +46,7 @@ #include #include -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) static inline void X509_CRL_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, const X509_CRL *crl) { if (psig) { *psig = crl->signature; } if (palg) { *palg = crl->sig_alg; } @@ -281,7 +281,7 @@ return FALSE; } /* i2d_re_X509_CRL_tbs() was added with 1.1.0 when X509_CRL became opaque */ -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) tbs = openssl_i2chunk(re_X509_CRL_tbs, this->crl); #else tbs = openssl_i2chunk(X509_CRL_INFO, this->crl->crl); @@ -524,7 +524,7 @@ X509_CRL_get0_signature(NULL, &alg, this->crl); X509_ALGOR_get0(&oid, NULL, NULL, alg); -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) if (!chunk_equals( openssl_asn1_obj2chunk(this->crl->crl->sig_alg->algorithm), openssl_asn1_obj2chunk(this->crl->sig_alg->algorithm))) diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c --- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c 2016-06-30 17:20:10.000000000 +0300 +++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c 2016-11-07 09:43:49.292891861 +0200 @@ -27,7 +27,7 @@ #include /* these were added with 1.1.0 when DH was made opaque */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) OPENSSL_KEY_FALLBACK(DH, key, pub_key, priv_key) OPENSSL_KEY_FALLBACK(DH, pqg, p, q, g) #define DH_set_length(dh, len) ({ (dh)->length = len; 1; }) diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c --- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c 2016-10-08 15:17:09.000000000 +0300 +++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c 2016-11-07 09:43:54.582957491 +0200 @@ -28,7 +28,7 @@ #include #include -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) OPENSSL_KEY_FALLBACK(ECDSA_SIG, r, s) #endif diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c --- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c 2016-06-30 17:20:10.000000000 +0300 +++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c 2016-11-07 09:43:58.653007980 +0200 @@ -27,7 +27,7 @@ #include #include -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) OPENSSL_KEY_FALLBACK(ECDSA_SIG, r, s) #endif diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_hmac.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_hmac.c --- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_hmac.c 2016-06-30 17:20:10.000000000 +0300 +++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_hmac.c 2016-11-07 09:44:46.043595875 +0200 @@ -70,7 +70,7 @@ */ HMAC_CTX *hmac; -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) /** * Static context for OpenSSL < 1.1.0 */ @@ -140,7 +140,7 @@ METHOD(mac_t, destroy, void, private_mac_t *this) { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) HMAC_CTX_free(this->hmac); #else HMAC_CTX_cleanup(&this->hmac_ctx); @@ -178,7 +178,7 @@ return NULL; } -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) this->hmac = HMAC_CTX_new(); #else HMAC_CTX_init(&this->hmac_ctx); diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_pkcs7.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_pkcs7.c --- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_pkcs7.c 2016-07-08 11:57:18.000000000 +0300 +++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_pkcs7.c 2016-11-07 09:44:58.337081716 +0200 @@ -29,7 +29,7 @@ #include -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) #define X509_ATTRIBUTE_get0_object(attr) ({ (attr)->object; }) #endif diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_plugin.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_plugin.c --- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_plugin.c 2016-10-08 15:17:09.000000000 +0300 +++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_plugin.c 2016-11-07 09:45:31.187489232 +0200 @@ -68,7 +68,7 @@ /** * OpenSSL is thread-safe since 1.1.0 */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) /** * Array of static mutexs, with CRYPTO_num_locks() mutex @@ -568,7 +568,7 @@ /* OpenSSL 1.1.0 cleans up itself at exit and while OPENSSL_cleanup() exists we * can't call it as we couldn't re-initialize the library (as required by the * unit tests and the Android app) */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) #ifndef OPENSSL_IS_BORINGSSL CONF_modules_free(); OBJ_cleanup(); @@ -623,7 +623,7 @@ }, ); -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) /* note that we can't call OPENSSL_cleanup() when the plugin is destroyed * as we couldn't initialize the library again afterwards */ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG | diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c --- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c 2016-10-08 15:17:09.000000000 +0300 +++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c 2016-11-07 09:45:57.407814497 +0200 @@ -36,7 +36,7 @@ */ #define PUBLIC_EXPONENT 0x10001 -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) OPENSSL_KEY_FALLBACK(RSA, key, n, e, d) OPENSSL_KEY_FALLBACK(RSA, factors, p, q) OPENSSL_KEY_FALLBACK(RSA, crt_params, dmp1, dmq1, iqmp) diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c --- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c 2016-09-27 11:40:31.000000000 +0300 +++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c 2016-11-07 09:46:02.771214366 +0200 @@ -28,7 +28,7 @@ #include #include -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) OPENSSL_KEY_FALLBACK(RSA, key, n, e, d) #endif diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_util.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_util.c --- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_util.c 2016-06-30 17:20:10.000000000 +0300 +++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_util.c 2016-11-07 09:46:15.918044119 +0200 @@ -23,7 +23,7 @@ #include /* these were added with 1.1.0 when ASN1_OBJECT was made opaque */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) #define OBJ_get0_data(o) ((o)->data) #define OBJ_length(o) ((o)->length) #endif diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_x509.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_x509.c --- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_x509.c 2016-06-30 17:20:10.000000000 +0300 +++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_x509.c 2016-11-07 09:46:51.818489485 +0200 @@ -61,7 +61,7 @@ #endif /* added with 1.0.2 */ -#if OPENSSL_VERSION_NUMBER < 0x10002000L +#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) static inline void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, const X509 *x) { if (psig) { *psig = x->signature; } if (palg) { *palg = x->sig_alg; } @@ -69,7 +69,7 @@ #endif /* added with 1.1.0 when X509 etc. was made opaque */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) #define X509_get0_extensions(x509) ({ (x509)->cert_info->extensions; }) #define X509_get0_tbs_sigalg(x509) ({ (x509)->cert_info->signature; }) #define X509_ALGOR_get0(oid, ppt, ppv, alg) ({ *(oid) = (alg)->algorithm; }) @@ -434,7 +434,7 @@ return FALSE; } /* i2d_re_X509_tbs() was added with 1.1.0 when X509 was made opaque */ -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) tbs = openssl_i2chunk(re_X509_tbs, this->x509); #else tbs = openssl_i2chunk(X509_CINF, this->x509->cert_info);