[PATCH] LibreSSL: Fix compilation against LibreSSL >= 4.2.0
Johannes Nixdorf
johannes at nixdorf.dev
Mon Nov 3 07:15:43 PST 2025
The type for the callback function in SSL_set_session_secret_cb() was
changed following the newer OpenSSL and BoringSSL scheme. Fix this by
adding the new LibreSSL version to the existing versions checks.
Signed-off-by: Johannes Nixdorf <johannes at nixdorf.dev>
---
src/crypto/tls_openssl.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index f172241b4f4251479e8a28c99bdee2d2f60c1189..2f51b37efaa66ce0dda9b27b60c95cc6c07c846a 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -5986,7 +5986,9 @@ int tls_global_set_params(void *tls_ctx,
* commented out unless explicitly needed for EAP-FAST in order to be able to
* build this file with unmodified openssl. */
-#if (defined(OPENSSL_IS_BORINGSSL) || OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER)
+#if (defined(OPENSSL_IS_BORINGSSL) || \
+ (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || \
+ LIBRESSL_VERSION_NUMBER >= 0x4020000fL)
static int tls_sess_sec_cb(SSL *s, void *secret, int *secret_len,
STACK_OF(SSL_CIPHER) *peer_ciphers,
const SSL_CIPHER **cipher, void *arg)
---
base-commit: 9c969af8d6d79965aeb59020532722153168408f
change-id: 20251103-libressl4-2-b826d22c15cc
Best regards,
--
Johannes Nixdorf <johannes at nixdorf.dev>
More information about the Hostap
mailing list