sqlite: better compatibility fix for PKCS5_PBKDF2_HMAC for old OpenSSL.

sqlite/sqlite/sqlite3.c

@@ -24746,11 +24746,6 @@ int sqlcipher_nss_setup(sqlcipher_provider *p) {
 #include <openssl/err.h>
 
 #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x10000000L
-// the function was missed in the header before 777c47acbeecf9602cc465864c9f5f2c609c989d
-int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
-                      const unsigned char *salt, int saltlen, int iter,
-                      const EVP_MD *digest, int keylen, unsigned char *out);
-
 // HMAC_* functions returned void before 87d52468aa600e02326e13f01331e1f3b8602ed0
 #define HMAC_Init_ex_(...) (HMAC_Init_ex(__VA_ARGS__), 1)
 #define HMAC_Update_(...) (HMAC_Update(__VA_ARGS__), 1)
@@ -24963,6 +24958,11 @@ cleanup:
 static int sqlcipher_openssl_kdf(void *ctx, int algorithm, const unsigned char *pass, int pass_sz, unsigned char* salt, int salt_sz, int workfactor, int key_sz, unsigned char *key) {
   int rc = SQLITE_OK; 
 
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x10000000L
+// PKCS5_PBKDF2_HMAC was added in 856640b54f3d22a34d6565e9c78c441a15222577 and added to the header only in 777c47acbeecf9602cc465864c9f5f2c609c989d,
+// so use PKCS5_PBKDF2_HMAC_SHA1 unconditionally if OpenSSL < 1.0.0
+  if(!PKCS5_PBKDF2_HMAC_SHA1((const char *)pass, pass_sz, salt, salt_sz, workfactor, key_sz, key)) goto error;
+#else
   switch(algorithm) {
     case SQLCIPHER_HMAC_SHA1:
       if(!PKCS5_PBKDF2_HMAC((const char *)pass, pass_sz, salt, salt_sz, workfactor, EVP_sha1(), key_sz, key)) goto error;
@@ -24976,6 +24976,7 @@ static int sqlcipher_openssl_kdf(void *ctx, int algorithm, const unsigned char *
     default:
       return SQLITE_ERROR;
   }
+#endif
 
   goto cleanup;
 error: