From e5bc3a50f6d326fd51dea5febee74e1ed7fb1e5e Mon Sep 17 00:00:00 2001
From: Philip Prindeville <philipp@redfish-solutions.com>
Date: Wed, 27 Mar 2024 17:41:18 -0600
Subject: [PATCH] wolfssl: Avoid conflict with RNG when built without EdDSA or
 FIPS enabled

There are definitions of RNG in <wolfssl/wolfcrypt/settings.h> and
<wolfssl/wolfcrypt/random.h> that play havoc with the literal RNG being
used in the expansions of PLUGIN_*(RNG, ...) when ##-concatenated to
build the enum value FEATURE_RNG.

The #undef in wolfssl_cmmon.h only had an effect if wolfSSL was built
with EdDSA or FIPS enabled, otherwise, the headers that define RNG were
not pulled in before it.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
---
 src/libstrongswan/plugins/wolfssl/wolfssl_common.h | 3 ---
 src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c | 2 ++
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_common.h b/src/libstrongswan/plugins/wolfssl/wolfssl_common.h
index 9c944e7119..98a5593aab 100644
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_common.h
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_common.h
@@ -80,7 +80,4 @@ typedef union {
 
 #undef PARSE_ERROR
 
-/* Eliminate macro conflicts */
-#undef RNG
-
 #endif /* WOLFSSL_PLUGIN_COMMON_H_ */
diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c b/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c
index d4b4989b09..fa4edeeef9 100644
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c
@@ -47,6 +47,8 @@
 
 #include <wolfssl/ssl.h>
 
+#undef RNG
+
 #ifndef FIPS_MODE
 #define FIPS_MODE 0
 #endif