1From 5e580eefac44d0c709afcf93eb5fca2fb353166a Mon Sep 17 00:00:00 2001 2From: orbea <orbea@riseup.net> 3Date: Fri, 26 May 2023 13:38:34 -0700 4Subject: [PATCH] server: add SSL_OP_NO_RENEGOTIATION fallback path 5 6With LibreSSL SSL_OP_NO_CLIENT_RENEGOTIATION is opaque which is not 7compatible with the OpenSSL 1.0.2 and earlier code path in 8red-stream.cpp while SSL_OP_NO_RENEGOTIATION is not yet defined for the 9newer OpenSSL code path in reds.cpp. 10 11So with OpenSSL 1.1.0 and later if SSL_OP_NO_RENEGOTIATION is undefined 12and SSL_OP_NO_CLIENT_RENEGOTIATION is defined then define the former as 13the latter. This will allow the build to succeed with LibreSSL 3.7.2 and 14in the future when newer LibreSSL versions add SSL_OP_NO_RENEGOTIATION 15that code path will then be used automatically. 16 17Signed-off-by: orbea <orbea@riseup.net> 18Acked-by: Frediano Ziglio <freddy77@gmail.com> 19 20Upstream: https://gitlab.freedesktop.org/spice/spice/-/commit/5e580eefac44d0c709afcf93eb5fca2fb353166a 21Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> 22--- 23 server/red-stream.h | 4 ++++ 24 1 file changed, 4 insertions(+) 25 26diff --git a/server/red-stream.h b/server/red-stream.h 27index 716e93317..8e57c5e5e 100644 28--- a/server/red-stream.h 29+++ b/server/red-stream.h 30@@ -25,6 +25,10 @@ 31 32 SPICE_BEGIN_DECLS 33 34+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(SSL_OP_NO_RENEGOTIATION) && defined(SSL_OP_NO_CLIENT_RENEGOTIATION) 35+#define SSL_OP_NO_RENEGOTIATION SSL_OP_NO_CLIENT_RENEGOTIATION 36+#endif 37+ 38 typedef void (*AsyncReadDone)(void *opaque); 39 typedef void (*AsyncReadError)(void *opaque, int err); 40 41-- 42GitLab 43 44