NetBSD 5.0.1 uses an OpenSSL snapshot that describes itself as 0.9.9,

and has the EVP_PKEY_decrypt API change that was already being worked
around for OpenSSL 1.0.0.  Work around it for 0.9.9 too.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23553 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index 85e8dcaac6ae0947795471ca99de6a35a24a162a..d000466e3bb9d979eefb9fd0b9600eecba39be2d 100644 (file)
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -3728,7 +3728,7 @@ decode_data(unsigned char **out_data, unsigned int *out_data_len,
     if (buf == NULL)
         goto cleanup;
 
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+#if OPENSSL_VERSION_NUMBER >= 0x00909000L
     retval = EVP_PKEY_decrypt_old(buf, data, (int)data_len, pkey);
 #else
     retval = EVP_PKEY_decrypt(buf, data, (int)data_len, pkey);