From 2b41d92f450f328536407da133603120b968c44b Mon Sep 17 00:00:00 2001
From: tb <tb@openbsd.org>
Date: Sun, 13 Nov 2022 14:09:17 +0000
Subject: [PATCH] Avoid symbol collision with libcrypto

libcrypto now provides Ed25519 and the raw public key API, so neuter the
compat implementations. Also link libfido against libcrypto.

The #ifdefs were upstreamed in https://github.com/Yubico/libfido2/pull/645

no objection djm
ok jsing
---
 lib/libfido2/Makefile         | 3 ++-
 lib/libfido2/src/eddsa.c      | 2 +-
 lib/libfido2/src/fido/eddsa.h | 2 +-
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/lib/libfido2/Makefile b/lib/libfido2/Makefile
index 740e995b584..4833d70fb60 100644
--- a/lib/libfido2/Makefile
+++ b/lib/libfido2/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.8 2022/08/29 03:04:29 djm Exp $
+# $OpenBSD: Makefile,v 1.9 2022/11/13 14:09:17 tb Exp $
 
 .PATH:	${.CURDIR}/man ${.CURDIR}/src
 
@@ -10,6 +10,7 @@ CDIAGFLAGS+=	-Wall -Wextra
 CDIAGFLAGS+=	-Werror
 
 LDADD+=		-L${BSDOBJDIR}/lib/libcbor -lcbor
+LDADD+=		-L${BSDOBJDIR}/lib/libcrypto -lcrypto
 LDADD+=		-L${BSDOBJDIR}/lib/libz -lz
 
 SYMBOL_LIST=	Symbols.list
diff --git a/lib/libfido2/src/eddsa.c b/lib/libfido2/src/eddsa.c
index a94ae302391..c718f7e4452 100644
--- a/lib/libfido2/src/eddsa.c
+++ b/lib/libfido2/src/eddsa.c
@@ -10,7 +10,7 @@
 #include "fido.h"
 #include "fido/eddsa.h"
 
-#if defined(LIBRESSL_VERSION_NUMBER)
+#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3070000f
 EVP_PKEY *
 EVP_PKEY_new_raw_public_key(int type, ENGINE *e, const unsigned char *key,
     size_t keylen)
diff --git a/lib/libfido2/src/fido/eddsa.h b/lib/libfido2/src/fido/eddsa.h
index 083721cc3d3..12abaaafdae 100644
--- a/lib/libfido2/src/fido/eddsa.h
+++ b/lib/libfido2/src/fido/eddsa.h
@@ -31,7 +31,7 @@ int eddsa_pk_from_ptr(eddsa_pk_t *, const void *, size_t);
 
 #ifdef _FIDO_INTERNAL
 
-#if defined(LIBRESSL_VERSION_NUMBER)
+#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3070000f
 #define EVP_PKEY_ED25519 EVP_PKEY_NONE
 int EVP_PKEY_get_raw_public_key(const EVP_PKEY *, unsigned char *, size_t *);
 EVP_PKEY *EVP_PKEY_new_raw_public_key(int, ENGINE *, const unsigned char *,
-- 
2.20.1