MFH: r498730
security/tlswrap: Add patch to fix support for modern OpenSSL PR: 236137
This commit is contained in:
Mark Felder
parent
04f5ef28e7
commit
d09b562a02
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/branches/2019Q2/; revision=498731
@ -3,7 +3,7 @@
|
||||
|
||||
PORTNAME= tlswrap
|
||||
PORTVERSION= 1.0.4
|
||||
PORTREVISION= 1
|
||||
PORTREVISION= 2
|
||||
CATEGORIES= security
|
||||
MASTER_SITES= http://www.tlswrap.com/
|
||||
DISTNAME= ${PORTNAME}-1.04
|
||||
@ -20,11 +20,6 @@ OPTIONS_DEFINE= DOCS
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
.if ${SSL_DEFAULT} == base
|
||||
BROKEN_FreeBSD_12= incomplete definition of type 'struct X509_extension_st'
|
||||
BROKEN_FreeBSD_13= incomplete definition of type 'struct X509_extension_st'
|
||||
.endif
|
||||
|
||||
post-patch:
|
||||
@${REINPLACE_CMD} -E 's,^(CC|CFLAGS|LDFLAGS).*=,\1?=,g' \
|
||||
${WRKSRC}/Makefile.in
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
--- tls.c.orig 2006-11-25 19:52:08.000000000 +0100
|
||||
+++ tls.c 2015-04-19 15:53:43.000000000 +0200
|
||||
@@ -73,10 +73,12 @@ void tls_init(char *egd_sock) {
|
||||
--- tls.c.orig 2006-11-25 18:52:08.000000000 +0000
|
||||
+++ tls.c 2019-03-22 17:37:16.971621000 +0000
|
||||
@@ -73,10 +73,12 @@
|
||||
printf("egd_sock is %s\n", egd_sock);
|
||||
#ifdef HAVE_RAND_STATUS
|
||||
if (RAND_status() != 1) {
|
||||
@ -13,3 +13,42 @@
|
||||
if (RAND_status() != 1)
|
||||
sys_err("ssl_init: System without /dev/urandom, PRNG seeding must be done manually.\r\n");
|
||||
}
|
||||
@@ -258,7 +260,7 @@
|
||||
X509 *x509_peer;
|
||||
X509_NAME *x509_subj;
|
||||
X509_EXTENSION *x509_ext;
|
||||
- X509V3_EXT_METHOD *x509_meth;
|
||||
+ const X509V3_EXT_METHOD *x509_meth;
|
||||
int ok, extcount, i, j;
|
||||
char *extstr;
|
||||
SSL *ssl;
|
||||
@@ -294,15 +296,17 @@
|
||||
extstr = (char*)OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(x509_ext)));
|
||||
if (debug) printf("extstr = %s\n", extstr);
|
||||
if (!strcmp(extstr, "subjectAltName")) {
|
||||
+ ASN1_OCTET_STRING *x509_ext_data;
|
||||
subjectaltname = 1;
|
||||
if (!(x509_meth = X509V3_EXT_get(x509_ext)))
|
||||
break;
|
||||
- data1 = x509_ext->value->data;
|
||||
+ x509_ext_data = X509_EXTENSION_get_data(x509_ext);
|
||||
+ data1 = x509_ext_data->data;
|
||||
#if (OPENSSL_VERSION_NUMBER > 0x00907000L)
|
||||
if (x509_meth->it)
|
||||
- ext_str = ASN1_item_d2i(NULL, &data1, x509_ext->value->length, ASN1_ITEM_ptr(x509_meth->it));
|
||||
+ ext_str = ASN1_item_d2i(NULL, &data1, x509_ext_data->length, ASN1_ITEM_ptr(x509_meth->it));
|
||||
else
|
||||
- ext_str = x509_meth->d2i(NULL, &data1, x509_ext->value->length);
|
||||
+ ext_str = x509_meth->d2i(NULL, &data1, x509_ext_data->length);
|
||||
#else
|
||||
ext_str = x509_meth->d2i(NULL, &data1, x509_ext->value->length);
|
||||
#endif
|
||||
@@ -341,7 +345,7 @@
|
||||
tls_auth_cont(struct user_data *ud, int data)
|
||||
{
|
||||
int status, sslerr, cert_ok;
|
||||
- SSL_CIPHER *cipher;
|
||||
+ const SSL_CIPHER *cipher;
|
||||
char cipher_info[128];
|
||||
SSL *ssl;
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user