$OpenBSD: patch-libraries_libldap_tls_o_c,v 1.4 2019/07/25 22:07:47 sthen Exp $

Unknown if these are still needed, the current state of locking code
in libressl is unclear.

Index: libraries/libldap/tls_o.c
--- libraries/libldap/tls_o.c.orig
+++ libraries/libldap/tls_o.c
@@ -68,7 +68,7 @@ static void tlso_info_cb( const SSL *ssl, int where, i
 static int tlso_verify_cb( int ok, X509_STORE_CTX *ctx );
 static int tlso_verify_ok( int ok, X509_STORE_CTX *ctx );
 static int tlso_seed_PRNG( const char *randfile );
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000
 /*
  * OpenSSL 1.1 API and later has new locking code
 */
@@ -234,7 +234,7 @@ tlso_destroy( void )
 
 	BIO_meth_free( tlso_bio_method );
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000
 	EVP_cleanup();
 #if OPENSSL_VERSION_NUMBER < 0x10000000
 	ERR_remove_state(0);
@@ -453,7 +453,7 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls 
 	SSL_CTX_set_verify( ctx, i,
 		lo->ldo_tls_require_cert == LDAP_OPT_X_TLS_ALLOW ?
 		tlso_verify_ok : tlso_verify_cb );
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000
 	SSL_CTX_set_tmp_rsa_callback( ctx, tlso_tmp_rsa_cb );
 #endif
 #ifdef HAVE_OPENSSL_CRL
@@ -1225,7 +1225,7 @@ tlso_report_error( void )
 	}
 }
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000
 static RSA *
 tlso_tmp_rsa_cb( SSL *ssl, int is_export, int key_length )
 {
