chore: fix ci for libressl v3.8.2

zhaozg · Feb 2, 2024 · 597199d · 597199d
1 parent ab8f915
commit 597199d
Show file tree

Hide file tree

Showing 10 changed files with 37 additions and 16 deletions.
diff --git a/src/engine.c b/src/engine.c
@@ -10,6 +10,7 @@
 #include "private.h"
 #include <openssl/ssl.h>
 
+#ifndef OPENSSL_NO_ENGINE
 enum
 {
   TYPE_RSA,
@@ -60,7 +61,6 @@ static const char* const list[] =
 
 int openssl_engine(lua_State *L)
 {
-#ifndef OPENSSL_NO_ENGINE
   const ENGINE* eng = NULL;
   if (lua_isstring(L, 1))
   {
@@ -89,11 +89,9 @@ int openssl_engine(lua_State *L)
   }
   else
     lua_pushnil(L);
-#endif
   return 1;
 }
 
-#ifndef OPENSSL_NO_ENGINE
 static int openssl_engine_next(lua_State*L)
 {
   ENGINE* eng = CHECK_OBJECT(1, ENGINE, "openssl.engine");
@@ -513,12 +511,10 @@ static luaL_Reg eng_funcs[] =
 
   {NULL,      NULL},
 };
-#endif
 
 int openssl_register_engine(lua_State* L)
 {
-#ifndef OPENSSL_NO_ENGINE
   auxiliar_newclass(L, "openssl.engine", eng_funcs);
-#endif
   return 0;
 }
+#endif
diff --git a/src/openssl.c b/src/openssl.c
@@ -401,7 +401,9 @@ static const luaL_Reg eay_functions[] =
   {"clear_error", openssl_clear_error},
   {"error",       openssl_error_string},
   {"errors",      openssl_errors},
+#ifndef OPENSSL_NO_ENGINE
   {"engine",      openssl_engine},
+#endif
   {"FIPS_mode",   openssl_fips_mode},
 
   {NULL, NULL}
@@ -555,7 +557,9 @@ LUALIB_API int luaopen_openssl(lua_State*L)
   luaL_setfuncs(L, eay_functions, 0);
 
   openssl_register_lhash(L);
+#ifndef OPENSSL_NO_ENGINE
   openssl_register_engine(L);
+#endif
 
   luaopen_bio(L);
   lua_setfield(L, -2, "bio");

diff --git a/src/rsa.c b/src/rsa.c
@@ -313,9 +313,11 @@ static int openssl_padding_add(lua_State *L)
     }
     break;
   }
+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x30800000L
   case RSA_X931_PADDING:
     ret = RSA_padding_add_X931(to, sz, from, l);
     break;
+#endif
 #if OPENSSL_VERSION_NUMBER > 0x10000000L
   case RSA_PKCS1_PSS_PADDING:
   {
@@ -409,9 +411,11 @@ static int openssl_padding_check(lua_State *L)
   case RSA_NO_PADDING:
     ret = RSA_padding_check_none(to, sz, from, l, sz);
     break;
+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x30800000L
   case RSA_X931_PADDING:
     ret = RSA_padding_check_X931(to, sz, from, l, sz);
     break;
+#endif
 #if OPENSSL_VERSION_NUMBER > 0x10000000L
   case RSA_PKCS1_PSS_PADDING:
   {

diff --git a/test/0.engine.lua b/test/0.engine.lua
@@ -1,5 +1,8 @@
 local openssl = require 'openssl'
 local helper = require'helper'
+if not openssl.engine then
+  return
+end
 
 TestEngine = {}
 function TestEngine:testAll()

diff --git a/test/2.kdf.lua b/test/2.kdf.lua
@@ -14,7 +14,6 @@ function TestKDF:testDerive()
   local keylen = 32
 
   local key = assert(kdf.derive(pwd, salt, md, iter, keylen))
-  print('key', key)
   assert(key)
   assert(#key == 32)
 end

diff --git a/test/4.pkey.lua b/test/4.pkey.lua
@@ -28,12 +28,14 @@ function TestPKEYMY:setUp()
 end
 
 function TestPKEYMY:testBasic()
-  local eng = openssl.engine('openssl')
-  assert(eng)
+  local eng
+  if openssl.engine then
+    eng = assert(openssl.engine('openssl'))
+  end
   for _, v in ipairs(self.genalg) do
     local k = mk_key(v)
     assert(k:is_private())
-    if v[1]~='dh' and k.set_engine then
+    if v[1]~='dh' and eng then
       k:set_engine(eng)
     end
     assert(not k:missing_paramaters())

diff --git a/test/8.ssl.lua b/test/8.ssl.lua
@@ -355,7 +355,9 @@ function TestSSL:testSNI()
   local srv = assert(srv_ctx:ssl(bs, bs, true))
   local cli = assert(cli_ctx:ssl(bc, bc, false))
   srv_ctx:add(ca.cacert, certs)
-  srv_ctx:set_engine(openssl.engine('openssl'))
+  if openssl.engine then
+    srv_ctx:set_engine(openssl.engine('openssl'))
+  end
   srv_ctx:timeout(500)
   assert(srv_ctx:timeout() == 500)
   local t = assert(srv_ctx:session_cache_mode())
@@ -573,8 +575,10 @@ function TestSSL:testSNI()
   srv_ctx:session_cache_mode(unpack(old))
   lu.assertEquals(old, srv_ctx:session_cache_mode())
 
-  local eng = openssl.engine('openssl')
-  eng:load_ssl_client_cert(cli)
+  if openssl.engine then
+    local eng = openssl.engine('openssl')
+    eng:load_ssl_client_cert(cli)
+  end
   cli:clear()
   cli:shutdown()
 

diff --git a/test/dsa.lua b/test/dsa.lua
@@ -9,5 +9,7 @@ function TestDSA:Testdsa()
   local t = k:parse()
   assert(t.bits == 1024)
 
-  k:set_engine(openssl.engine('openssl'))
+  if openssl.engine then
+    k:set_engine(openssl.engine('openssl'))
+  end
 end
diff --git a/test/ec.lua b/test/ec.lua
@@ -159,7 +159,9 @@ if openssl.ec then
     der = ec:export()
     assert(type(der)=='string')
     local ec1 = openssl.ec.read(der)
-    assert(ec1:set_method(openssl.engine('openssl')))
+    if openssl.engine then
+      assert(ec1:set_method(openssl.engine('openssl')))
+    end
     assert(ec1:conv_form('hybrid'))
     assert(ec1:conv_form()=='hybrid')
     assert(ec1:enc_flags('explicit'))

diff --git a/test/rsa.lua b/test/rsa.lua
@@ -48,7 +48,9 @@ function TestRSA:TestRSA()
       "no"
     }
 
-    k:set_engine(openssl.engine('openssl'))
+    if openssl.engine then
+      k:set_engine(openssl.engine('openssl'))
+    end
 
     for _=1, #padding+1 do
       local pad = padding[_]
@@ -95,6 +97,9 @@ function TestRSA:TestPad_pkcs1()
 end
 
 function TestRSA:TestPad_x931()
+  if helper.libressl and helper._opensslv > 0x30800000 then
+    return
+  end
   local msg = openssl.random(128)
   local padded = rsa.padding_add(msg,'x931', 256)
   local raw = rsa.padding_check(padded, 'x931', 256)