fragattacks: enable MS-CHAPv2 with OpenSSL >=3.0

This patch re-enables the usage of MS-CHAPv2 when linking with OpenSSL
version 3.0 or higher.

README.md

@@ -1126,6 +1126,9 @@ For example see the above two tables with commands.
 
 **Version 1.3.4 (under progress):**:
 
+- Updated wpa_supplicant to re-enable connecting to Enterprise networks that use MS-CHAPv2. Previously, when
+  the OS uses OpenSSL 3.0 or higher, MD4 was disabled by default, meaning MS-CHAPv2 could not be used.
+
 - Added the `--pre-test-delay` parameter. This adds a delay between getting an IP address and the transmission
   of the first fragments/frames. See the [pull request](https://github.com/vanhoefm/fragattacks/pull/44) by
   Michael Trimarchi and Angelo Compagnucci.

src/crypto/crypto_openssl.c

@@ -90,6 +90,20 @@ static EC_KEY * EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey)
 
 #endif /* OpenSSL version < 1.1.0 */
 
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+static OSSL_PROVIDER *openssl_legacy_provider = NULL;
+#endif /* OpenSSL version >= 3.0 */
+
+void openssl_load_legacy_provider(void)
+{
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+	if (openssl_legacy_provider)
+		return;
+
+	openssl_legacy_provider = OSSL_PROVIDER_try_load(NULL, "legacy", 1);
+#endif /* OpenSSL version >= 3.0 */
+}
+
 static BIGNUM * get_group5_prime(void)
 {
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
@@ -196,6 +210,7 @@ static int openssl_digest_vector(const EVP_MD *type, size_t num_elem,
 #ifndef CONFIG_FIPS
 int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
 {
+	openssl_load_legacy_provider();
 	return openssl_digest_vector(EVP_md4(), num_elem, addr, len, mac);
 }
 #endif /* CONFIG_FIPS */