Some time ago I started analyzing ifdefs and looking up the OpenBSD repo what version of LibreSSL supports that particular feature. A non-exhaustive list of my findings: > sslinfo.c: > #if defined(LIBRESSL_VERSION_NUMBER) > value = tcn_new_string(e, "UNKNOWN"); > #else > nid = X509_get_signature_nid(xs); > if (nid == NID_undef) > value = tcn_new_string(e, "UNKNOWN"); > else > value = tcn_new_string(e, OBJ_nid2ln(nid)); > #endif > $ git tag --contains e1dc6f25d8 > OPENBSD_6_3_BASE > libressl-v2.7.0 > > #if defined(LIBRESSL_VERSION_NUMBER) > value = tcn_new_string(e, "UNKNOWN"); > #else > nid = X509_get_signature_nid(xs); > if (nid == NID_undef) > value = tcn_new_string(e, "UNKNOWN"); > else > value = tcn_new_string(e, OBJ_nid2ln(nid)); > #endif > > $ git tag --contains 2191533b47 > OPENBSD_6_3_BASE > libressl-v2.7.0 > > ssl.c: > #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) > /* OpenSSL Pre-1.1.0 compatibility */ > /* Taken from OpenSSL 1.1.0 snapshot 20160410 */ > int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) > { > /* q is optional */ > if (p == NULL || g == NULL) > return 0; > BN_free(dh->p); > BN_free(dh->q); > BN_free(dh->g); > dh->p = p; > dh->q = q; > dh->g = g; > > if (q != NULL) { > dh->length = BN_num_bits(q); > } > > return 1; > } > #endif > > $ git tag --contains 830713debd > OPENBSD_6_3_BASE > libressl-v2.7.0 > > > #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) > static BIO_METHOD jbs_methods = { > BIO_TYPE_FILE, > "Java Callback", > jbs_write, > jbs_read, > jbs_puts, > jbs_gets, > jbs_ctrl, > jbs_new, > jbs_free, > NULL > }; > #else > static BIO_METHOD *jbs_methods = NULL; > > static void init_bio_methods(void) > { > jbs_methods = BIO_meth_new(BIO_TYPE_FILE, "Java Callback"); > BIO_meth_set_write(jbs_methods, &jbs_write); > BIO_meth_set_read(jbs_methods, &jbs_read); > BIO_meth_set_puts(jbs_methods, &jbs_puts); > BIO_meth_set_gets(jbs_methods, &jbs_gets); > BIO_meth_set_ctrl(jbs_methods, &jbs_ctrl); > BIO_meth_set_create(jbs_methods, &jbs_new); > BIO_meth_set_destroy(jbs_methods, &jbs_free); > } > > static void free_bio_methods(void) > { > BIO_meth_free(jbs_methods); > } > #endif > #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) > return(&jbs_methods); > #else > return jbs_methods; > #endif > > > 6e0e12de58 > b08b825ace > > > OPENBSD_6_3_BASE > libressl-v2.7.0 This is intended to be an umbrella ticket to collect/coordinate all ifdefs to bring it on par with OpenSSL. Maybe others want to pick up the work I have done so far.
As of libressl-portable: b52dc3d9b292f4f644d7506a2d62df11f2a6e269 tomcat-native: 1.2.32 tomcat-native does not compile anymore: > $ make > /bin/sh /usr/local/share/apr/build-1/libtool --silent --mode=compile cc -O2 -pipe -DLIBICONV_PLUG -fstack-protector-strong -fno-strict-aliasing -DHAVE_CONFIG_H -DLIBICONV_PLUG -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP -I./include -I/usr/local/openjdk8/include -I/usr/local/openjdk8/include/freebsd -I/tmp/libressl/include -I/usr/local/include/apr-1 -o src/ssl.lo -c src/ssl.c && touch src/ssl.lo > In file included from src/ssl.c:24: > ./include/ssl_private.h:221:9: warning: 'OPENSSL_VERSION' macro redefined [-Wmacro-redefined] > #define OPENSSL_VERSION SSLEAY_VERSION > ^ > /tmp/libressl/include/openssl/crypto.h:320:9: note: previous definition is here > #define OPENSSL_VERSION 0 > ^ > src/ssl.c:221:15: error: incomplete definition of type 'struct dh_st' > BN_free(dh->p); > ~~^ > /tmp/libressl/include/openssl/ossl_typ.h:132:16: note: forward declaration of 'struct dh_st' > typedef struct dh_st DH; > ^ > src/ssl.c:222:15: error: incomplete definition of type 'struct dh_st' > BN_free(dh->q); > ~~^ > /tmp/libressl/include/openssl/ossl_typ.h:132:16: note: forward declaration of 'struct dh_st' > typedef struct dh_st DH; > ^ > src/ssl.c:223:15: error: incomplete definition of type 'struct dh_st' > BN_free(dh->g); > ~~^ > /tmp/libressl/include/openssl/ossl_typ.h:132:16: note: forward declaration of 'struct dh_st' > typedef struct dh_st DH; > ^ > src/ssl.c:224:7: error: incomplete definition of type 'struct dh_st' > dh->p = p; > ~~^ > /tmp/libressl/include/openssl/ossl_typ.h:132:16: note: forward declaration of 'struct dh_st' > typedef struct dh_st DH; > ^ > src/ssl.c:225:7: error: incomplete definition of type 'struct dh_st' > dh->q = q; > ~~^ > /tmp/libressl/include/openssl/ossl_typ.h:132:16: note: forward declaration of 'struct dh_st' > typedef struct dh_st DH; > ^ > src/ssl.c:226:7: error: incomplete definition of type 'struct dh_st' > dh->g = g; > ~~^ > /tmp/libressl/include/openssl/ossl_typ.h:132:16: note: forward declaration of 'struct dh_st' > typedef struct dh_st DH; > ^ > src/ssl.c:229:11: error: incomplete definition of type 'struct dh_st' > dh->length = BN_num_bits(q); > ~~^ > /tmp/libressl/include/openssl/ossl_typ.h:132:16: note: forward declaration of 'struct dh_st' > typedef struct dh_st DH; > ^ > src/ssl.c:989:21: error: incomplete definition of type 'struct bio_st' > j = (BIO_JAVA *)BIO_get_data(bi); > ^ ~~ > ./include/ssl_private.h:233:44: note: expanded from macro 'BIO_get_data' > #define BIO_get_data(x) (x->ptr) > ~^ > /tmp/libressl/include/openssl/ossl_typ.h:111:16: note: forward declaration of 'struct bio_st' > typedef struct bio_st BIO; > ^ > src/ssl.c:1008:21: error: incomplete definition of type 'struct bio_st' > j = (BIO_JAVA *)BIO_get_data(bi); > ^ ~~ > ./include/ssl_private.h:233:44: note: expanded from macro 'BIO_get_data' > #define BIO_get_data(x) (x->ptr) > ~^ > /tmp/libressl/include/openssl/ossl_typ.h:111:16: note: forward declaration of 'struct bio_st' > typedef struct bio_st BIO; > ^ > src/ssl.c:1023:5: error: incomplete definition of type 'struct bio_st' > BIO_set_shutdown(bi, 1); > ^ ~~ > ./include/ssl_private.h:235:44: note: expanded from macro 'BIO_set_shutdown' > #define BIO_set_shutdown(x,v) (x->shutdown=v) > ~^ > /tmp/libressl/include/openssl/ossl_typ.h:111:16: note: forward declaration of 'struct bio_st' > typedef struct bio_st BIO; > ^ > src/ssl.c:1024:5: error: incomplete definition of type 'struct bio_st' > BIO_set_init(bi, 0); > ^ ~~ > ./include/ssl_private.h:232:44: note: expanded from macro 'BIO_set_init' > #define BIO_set_init(x,v) (x->init=v) > ~^ > /tmp/libressl/include/openssl/ossl_typ.h:111:16: note: forward declaration of 'struct bio_st' > typedef struct bio_st BIO; > ^ > src/ssl.c:1032:5: error: incomplete definition of type 'struct bio_st' > BIO_set_data(bi, (void *)j); > ^ ~~ > ./include/ssl_private.h:234:44: note: expanded from macro 'BIO_set_data' > #define BIO_set_data(x,v) (x->ptr=v) > ~^ > /tmp/libressl/include/openssl/ossl_typ.h:111:16: note: forward declaration of 'struct bio_st' > typedef struct bio_st BIO; > ^ > src/ssl.c:1042:21: error: incomplete definition of type 'struct bio_st' > j = (BIO_JAVA *)BIO_get_data(bi); > ^ ~~ > ./include/ssl_private.h:233:44: note: expanded from macro 'BIO_get_data' > #define BIO_get_data(x) (x->ptr) > ~^ > /tmp/libressl/include/openssl/ossl_typ.h:111:16: note: forward declaration of 'struct bio_st' > typedef struct bio_st BIO; > ^ > src/ssl.c:1044:13: error: incomplete definition of type 'struct bio_st' > if (BIO_get_init(bi)) { > ^ ~~ > ./include/ssl_private.h:231:44: note: expanded from macro 'BIO_get_init' > #define BIO_get_init(x) (x->init) > ~^ > /tmp/libressl/include/openssl/ossl_typ.h:111:16: note: forward declaration of 'struct bio_st' > typedef struct bio_st BIO; > ^ > src/ssl.c:1046:13: error: incomplete definition of type 'struct bio_st' > BIO_set_init(bi, 0); > ^ ~~ > ./include/ssl_private.h:232:44: note: expanded from macro 'BIO_set_init' > #define BIO_set_init(x,v) (x->init=v) > ~^ > /tmp/libressl/include/openssl/ossl_typ.h:111:16: note: forward declaration of 'struct bio_st' > typedef struct bio_st BIO; > ^ > src/ssl.c:1052:5: error: incomplete definition of type 'struct bio_st' > BIO_set_data(bi, NULL); > ^ ~~ > ./include/ssl_private.h:234:44: note: expanded from macro 'BIO_set_data' > #define BIO_set_data(x,v) (x->ptr=v) > ~^ > /tmp/libressl/include/openssl/ossl_typ.h:111:16: note: forward declaration of 'struct bio_st' > typedef struct bio_st BIO; > ^ > src/ssl.c:1059:9: error: incomplete definition of type 'struct bio_st' > if (BIO_get_init(b) && in != NULL) { > ^ ~ > ./include/ssl_private.h:231:44: note: expanded from macro 'BIO_get_init' > #define BIO_get_init(x) (x->init) > ~^ > /tmp/libressl/include/openssl/ossl_typ.h:111:16: note: forward declaration of 'struct bio_st' > typedef struct bio_st BIO; > ^ > src/ssl.c:1060:35: error: incomplete definition of type 'struct bio_st' > BIO_JAVA *j = (BIO_JAVA *)BIO_get_data(b); > ^ ~ > ./include/ssl_private.h:233:44: note: expanded from macro 'BIO_get_data' > #define BIO_get_data(x) (x->ptr) > ~^ > /tmp/libressl/include/openssl/ossl_typ.h:111:16: note: forward declaration of 'struct bio_st' > typedef struct bio_st BIO; > ^ > src/ssl.c:1085:9: error: incomplete definition of type 'struct bio_st' > if (BIO_get_init(b) && out != NULL) { > ^ ~ > ./include/ssl_private.h:231:44: note: expanded from macro 'BIO_get_init' > #define BIO_get_init(x) (x->init) > ~^ > /tmp/libressl/include/openssl/ossl_typ.h:111:16: note: forward declaration of 'struct bio_st' > typedef struct bio_st BIO; > ^ > fatal error: too many errors emitted, stopping now [-ferror-limit=] > 1 warning and 20 errors generated. > *** Error code 1 > > Stop. > make[1]: stopped in /var/osipovmi/Projekte/tomcat-native/native > *** Error code 1 > > Stop. > make: stopped in /var/osipovmi/Projekte/tomcat-native/native