LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
15901 Commits
1 Branch
46 MiB
Tree: 80522ab982
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '80522ab982'
${ noResults }
openwrt-packages-dist/net/openconnect/patches/010-Fix-compilation-without...

75 lines
2.0 KiB
Raw Normal View History

openconnect: Fix DTLS with OpenSSL Backported upstream patches that fix this. Removed local patch that fixes libp11 with version 0.4.7, which is not used anymore. Upstream has a different solution. License fixes and Makefile cleanups. Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years ago
 
  1. From 460c060dda115bc8066bb4b955453c673459b6cc Mon Sep 17 00:00:00 2001
  2. From: Rosen Penev <rosenp@gmail.com>
  3. Date: Sun, 9 Jun 2019 23:36:53 -0700
  4. Subject: [PATCH] Fix compilation without deprecated OpenSSL 1.1 APIs
  5. 

  6. Initialization and deinitialization is deprecated.
  7. 

  8. Signed-off-by: Rosen Penev <rosenp@gmail.com>
  9. ---

  10.  library.c             | 4 ++++
  11.  openssl.c             | 2 ++
  12.  tests/bad_dtls_test.c | 4 ++++
  13.  3 files changed, 10 insertions(+)
  14. 

  15. diff --git a/library.c b/library.c

  16. index 0e3d05e6..e45e93a2 100644

  17. --- a/library.c

  18. +++ b/library.c

  19. @@ -38,6 +38,10 @@

  20.  #include "gnutls.h"
  21.  #endif
  22.  
  23. +#if defined(OPENCONNECT_OPENSSL)

  24. +#include <openssl/bio.h>

  25. +#endif

  26. +

  27.  struct openconnect_info *openconnect_vpninfo_new(const char *useragent,
  28.  						 openconnect_validate_peer_cert_vfn validate_peer_cert,
  29.  						 openconnect_write_new_config_vfn write_new_config,
  30. diff --git a/openssl.c b/openssl.c

  31. index 2b1f07bd..e505f49a 100644

  32. --- a/openssl.c

  33. +++ b/openssl.c

  34. @@ -1879,10 +1879,12 @@ int openconnect_init_ssl(void)

  35.  	if (ret)
  36.  		return ret;
  37.  #endif
  38. +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

  39.  	SSL_library_init();
  40.  	ERR_clear_error();
  41.  	SSL_load_error_strings();
  42.  	OpenSSL_add_all_algorithms();
  43. +#endif

  44.  	return 0;
  45.  }
  46.  
  47. diff --git a/tests/bad_dtls_test.c b/tests/bad_dtls_test.c

  48. index ac8d3f1e..c123c8f8 100644

  49. --- a/tests/bad_dtls_test.c

  50. +++ b/tests/bad_dtls_test.c

  51. @@ -752,8 +752,10 @@ int main(int argc, char *argv[])

  52.      int ret;
  53.      int i;
  54.  
  55. +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

  56.      SSL_library_init();
  57.      SSL_load_error_strings();
  58. +#endif

  59.  
  60.      RAND_bytes(session_id, sizeof(session_id));
  61.      RAND_bytes(master_secret, sizeof(master_secret));
  62. @@ -910,8 +912,10 @@ int main(int argc, char *argv[])

  63.          printf("Cisco BadDTLS test: FAILED\n");
  64.      }
  65.  
  66. +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

  67.      ERR_free_strings();
  68.      EVP_cleanup();
  69. +#endif

  70.  
  71.      return testresult?0:1;
  72.  }
  73. -- 

  74. 2.17.1
  75.