LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
26964 Commits
1 Branch
46 MiB
Tree: 0cd609b676
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0cd609b676'
${ noResults }
openwrt-packages-dist/mail/exim/patches/030-openssl-deprecated.patch

86 lines
2.8 KiB
Raw Normal View History

exim: fix compilation without deprecated OpenSSL APIs Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years ago
exim: update to version 4.95 Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years ago
exim: fix compilation without deprecated OpenSSL APIs Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years ago
exim: update to version 4.95 Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years ago
exim: fix compilation without deprecated OpenSSL APIs Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years ago
exim: update to version 4.95 Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years ago
exim: fix compilation without deprecated OpenSSL APIs Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years ago
exim: update to version 4.95 Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years ago
exim: fix compilation without deprecated OpenSSL APIs Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years ago
exim: update to version 4.95 Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years ago
exim: fix compilation without deprecated OpenSSL APIs Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years ago
exim: update to version 4.95 Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years ago
exim: fix compilation without deprecated OpenSSL APIs Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years ago
 
  1. --- a/src/dane-openssl.c

  2. +++ b/src/dane-openssl.c

  3. @@ -1098,8 +1098,8 @@ if (dane->selectors[DANESSL_USAGE_DANE_T

  4.       * Check that setting the untrusted chain updates the expected
  5.       * structure member at the expected offset.
  6.       */
  7. -    X509_STORE_CTX_trusted_stack(ctx, dane->roots);

  8. -    X509_STORE_CTX_set_chain(ctx, dane->chain);

  9. +    X509_STORE_CTX_set0_trusted_stack(ctx, dane->roots);

  10. +    X509_STORE_CTX_set0_untrusted(ctx, dane->chain);

  11.      OPENSSL_assert(dane->chain == X509_STORE_CTX_get0_untrusted(ctx));
  12.      }
  13.    }
  14. --- a/src/pdkim/signing.c

  15. +++ b/src/pdkim/signing.c

  16. @@ -704,7 +704,6 @@ return NULL;

  17.  void
  18.  exim_dkim_init(void)
  19.  {
  20. -ERR_load_crypto_strings();

  21.  }
  22.  
  23.  
  24. --- a/src/tls-openssl.c

  25. +++ b/src/tls-openssl.c

  26. @@ -22,7 +22,10 @@ functions from the OpenSSL library. */

  27.  #include <openssl/lhash.h>
  28.  #include <openssl/ssl.h>
  29.  #include <openssl/err.h>
  30. +#include <openssl/bn.h>

  31. +#include <openssl/dh.h>

  32.  #include <openssl/rand.h>
  33. +#include <openssl/rsa.h>

  34.  #ifndef OPENSSL_NO_ECDH
  35.  # include <openssl/ec.h>
  36.  #endif
  37. @@ -834,8 +837,9 @@ if (!EVP_PKEY_assign_RSA(pkey, rsa))

  38.  
  39.  X509_set_version(x509, 2);				/* N+1 - version 3 */
  40.  ASN1_INTEGER_set(X509_get_serialNumber(x509), 1);
  41. -X509_gmtime_adj(X509_get_notBefore(x509), 0);

  42. -X509_gmtime_adj(X509_get_notAfter(x509), (long)2 * 60 * 60);	/* 2 hour */

  43. +X509_gmtime_adj(X509_getm_notBefore(x509), 0);

  44. +X509_gmtime_adj(X509_getm_notAfter(x509), (long)2 * 60 * 60);	/* 2 hour */

  45. +

  46.  X509_set_pubkey(x509, pkey);
  47.  
  48.  name = X509_get_subject_name(x509);
  49. @@ -4512,8 +4516,8 @@ fprintf(f, "Library version: OpenSSL: Co

  50.             "                          Runtime: %s\n"
  51.             "                                 : %s\n",
  52.             OPENSSL_VERSION_TEXT,
  53. -           SSLeay_version(SSLEAY_VERSION),

  54. -           SSLeay_version(SSLEAY_BUILT_ON));

  55. +           OpenSSL_version(OPENSSL_VERSION),

  56. +           OpenSSL_version(OPENSSL_BUILT_ON));

  57.  /* third line is 38 characters for the %s and the line is 73 chars long;
  58.  the OpenSSL output includes a "built on: " prefix already. */
  59.  }
  60. @@ -4555,8 +4559,6 @@ if (pidnow != pidlast)

  61.    is unique for each thread", this doesn't apparently apply across processes,
  62.    so our own warning from vaguely_random_number_fallback() applies here too.
  63.    Fix per PostgreSQL. */
  64. -  if (pidlast != 0)

  65. -    RAND_cleanup();

  66.    pidlast = pidnow;
  67.    }
  68.  
  69. --- a/src/tlscert-openssl.c

  70. +++ b/src/tlscert-openssl.c

  71. @@ -217,13 +217,13 @@ return mod ? tls_field_from_dn(cp, mod)

  72.  uschar *
  73.  tls_cert_not_before(void * cert, uschar * mod)
  74.  {
  75. -return asn1_time_copy(X509_get_notBefore((X509 *)cert), mod);

  76. +return asn1_time_copy(X509_getm_notBefore((X509 *)cert), mod);

  77.  }
  78.  
  79.  uschar *
  80.  tls_cert_not_after(void * cert, uschar * mod)
  81.  {
  82. -return asn1_time_copy(X509_get_notAfter((X509 *)cert), mod);

  83. +return asn1_time_copy(X509_getm_notAfter((X509 *)cert), mod);

  84.  }
  85.  
  86.  uschar *