LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
27286 Commits
1 Branch
46 MiB
Tree: 05d1265cb7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '05d1265cb7'
${ noResults }
openwrt-packages-dist/net/freeradius3/patches/010-openssl-deprecated.patch

117 lines
3.4 KiB
Raw Normal View History

freeradius3: fix compilation without deprecated OpenSSL APIs Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years ago
treewide: Run refresh on all packages The crude loop I wrote to come up with this changeset: find -L package/feeds/packages/ -name patches | \ sed 's/patches$/refresh/' | sort | xargs make Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
4 years ago
freeradius3: fix compilation without deprecated OpenSSL APIs Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years ago
treewide: Run refresh on all packages The crude loop I wrote to come up with this changeset: find -L package/feeds/packages/ -name patches | \ sed 's/patches$/refresh/' | sort | xargs make Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
4 years ago
freeradius3: fix compilation without deprecated OpenSSL APIs Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years ago
treewide: Run refresh on all packages The crude loop I wrote to come up with this changeset: find -L package/feeds/packages/ -name patches | \ sed 's/patches$/refresh/' | sort | xargs make Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
4 years ago
freeradius3: fix compilation without deprecated OpenSSL APIs Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years ago
treewide: Run refresh on all packages The crude loop I wrote to come up with this changeset: find -L package/feeds/packages/ -name patches | \ sed 's/patches$/refresh/' | sort | xargs make Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
4 years ago
freeradius3: fix compilation without deprecated OpenSSL APIs Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years ago
treewide: Run refresh on all packages The crude loop I wrote to come up with this changeset: find -L package/feeds/packages/ -name patches | \ sed 's/patches$/refresh/' | sort | xargs make Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
4 years ago
freeradius3: fix compilation without deprecated OpenSSL APIs Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years ago
treewide: Run refresh on all packages The crude loop I wrote to come up with this changeset: find -L package/feeds/packages/ -name patches | \ sed 's/patches$/refresh/' | sort | xargs make Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
4 years ago
freeradius3: fix compilation without deprecated OpenSSL APIs Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years ago
treewide: Run refresh on all packages The crude loop I wrote to come up with this changeset: find -L package/feeds/packages/ -name patches | \ sed 's/patches$/refresh/' | sort | xargs make Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
4 years ago
freeradius3: fix compilation without deprecated OpenSSL APIs Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years ago
 
  1. --- a/src/main/threads.c

  2. +++ b/src/main/threads.c

  3. @@ -298,6 +298,7 @@ static void ssl_locking_function(int mod

  4.   */
  5.  int tls_mutexes_init(void)
  6.  {
  7. +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

  8.  	int i;
  9.  
  10.  	ssl_mutexes = rad_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
  11. @@ -316,6 +317,7 @@ int tls_mutexes_init(void)

  12.  #ifdef HAVE_CRYPTO_SET_LOCKING_CALLBACK
  13.  	CRYPTO_set_locking_callback(ssl_locking_function);
  14.  #endif
  15. +#endif

  16.  
  17.  	return 0;
  18.  }
  19. --- a/src/main/tls.c

  20. +++ b/src/main/tls.c

  21. @@ -55,6 +55,7 @@ USES_APPLE_DEPRECATED_API	/* OpenSSL API

  22.  #    include <openssl/evp.h>
  23.  #  endif
  24.  #  include <openssl/ssl.h>
  25. +#  include <openssl/dh.h>

  26.  
  27.  #define LOG_PREFIX "tls"
  28.  
  29. @@ -2133,7 +2134,7 @@ int cbtls_verify(int ok, X509_STORE_CTX

  30.  	int		my_ok = ok;
  31.  
  32.  	ASN1_INTEGER	*sn = NULL;
  33. -	ASN1_TIME	*asn_time = NULL;

  34. +	const ASN1_TIME	*asn_time = NULL;

  35.  	VALUE_PAIR	**certs;
  36.  	char **identity;
  37.  #ifdef HAVE_OPENSSL_OCSP_H
  38. @@ -2207,7 +2208,7 @@ int cbtls_verify(int ok, X509_STORE_CTX

  39.  	 *	Get the Expiration Date
  40.  	 */
  41.  	buf[0] = '\0';
  42. -	asn_time = X509_get_notAfter(client_cert);

  43. +	asn_time = X509_get0_notAfter(client_cert);

  44.  	if (certs && (lookup <= 1) && asn_time &&
  45.  	    (asn_time->length < (int) sizeof(buf))) {
  46.  		memcpy(buf, (char*) asn_time->data, asn_time->length);
  47. @@ -2220,7 +2221,7 @@ int cbtls_verify(int ok, X509_STORE_CTX

  48.  	 *	Get the Valid Since Date
  49.  	 */
  50.  	buf[0] = '\0';
  51. -	asn_time = X509_get_notBefore(client_cert);

  52. +	asn_time = X509_get0_notBefore(client_cert);

  53.  	if (certs && (lookup <= 1) && asn_time &&
  54.  	    (asn_time->length < (int) sizeof(buf))) {
  55.  		memcpy(buf, (char*) asn_time->data, asn_time->length);
  56. @@ -2690,10 +2691,12 @@ static int set_ecdh_curve(SSL_CTX *ctx,

  57.   */
  58.  int tls_global_init(bool spawn_flag, bool check)
  59.  {
  60. +#if OPENSSL_VERSION_NUMBER < 0x10100000L

  61.  	SSL_load_error_strings();	/* readable error messages (examples show call before library_init) */
  62.  	SSL_library_init();		/* initialize library */
  63.  	OpenSSL_add_all_algorithms();	/* required for SHA2 in OpenSSL < 0.9.8o and 1.0.0.a */
  64.  	CONF_modules_load_file(NULL, NULL, 0);
  65. +#endif

  66.  
  67.  	/*
  68.  	 *	Initialize the index for the certificates.
  69. @@ -2769,6 +2772,7 @@ int tls_global_version_check(char const

  70.   */
  71.  void tls_global_cleanup(void)
  72.  {
  73. +#if OPENSSL_VERSION_NUMBER < 0x10100000L

  74.  #if OPENSSL_VERSION_NUMBER < 0x10000000L
  75.  	ERR_remove_state(0);
  76.  #elif OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
  77. @@ -2781,6 +2785,7 @@ void tls_global_cleanup(void)

  78.  	ERR_free_strings();
  79.  	EVP_cleanup();
  80.  	CRYPTO_cleanup_all_ex_data();
  81. +#endif

  82.  }
  83.  
  84.  
  85. --- a/src/main/version.c

  86. +++ b/src/main/version.c

  87. @@ -54,7 +54,7 @@ int ssl_check_consistency(void)

  88.  {
  89.  	long ssl_linked;
  90.  
  91. -	ssl_linked = SSLeay();

  92. +	ssl_linked = OpenSSL_version_num();

  93.  
  94.  	/*
  95.  	 *	Major and minor versions mismatch, that's bad.
  96. @@ -152,7 +152,7 @@ char const *ssl_version_num(void)

  97.  {
  98.  	long ssl_linked;
  99.  
  100. -	ssl_linked = SSLeay();

  101. +	ssl_linked = OpenSSL_version_num();

  102.  	return ssl_version_by_num((uint32_t)ssl_linked);
  103.  }
  104.  
  105. @@ -188,10 +188,10 @@ char const *ssl_version(void)

  106.  {
  107.  	static char buffer[256];
  108.  
  109. -	uint32_t v = SSLeay();

  110. +	uint32_t v = OpenSSL_version_num();

  111.  
  112.  	snprintf(buffer, sizeof(buffer), "%s 0x%.8x (%s)",
  113. -		 SSLeay_version(SSLEAY_VERSION),		/* Not all builds include a useful version number */

  114. +		 OpenSSL_version(OPENSSL_VERSION),		/* Not all builds include a useful version number */

  115.  		 v,
  116.  		 ssl_version_by_num(v));
  117.