SecBSD's official ports repository
This commit is contained in:
commit
2c0afcbbf3
GPG key ID:
F42C07F07E2E35B7
64331 changed files with 5339189 additions and 0 deletions
60
net/pavuk/patches/patch-src_myssl_openssl_c
Normal file
60
net/pavuk/patches/patch-src_myssl_openssl_c
Normal file
|
|
@ -0,0 +1,60 @@
|
|||
Retrieve session ID via accessors instead of reaching inside the struct.
|
||||
Fix verify callback with opaque X509 structs.
|
||||
Allow building against OpenSSL without SSLv2/v3 support.
|
||||
|
||||
Index: src/myssl_openssl.c
|
||||
--- src/myssl_openssl.c.orig
|
||||
+++ src/myssl_openssl.c
|
||||
@@ -48,16 +48,18 @@ static int cmp_sockaddr(struct sockaddr_in *a, struct
|
||||
|
||||
static void dump_session_id(SSL_SESSION * s)
|
||||
{
|
||||
- int i;
|
||||
+ const unsigned char *session_id;
|
||||
+ unsigned int i, session_id_length;
|
||||
if(!s)
|
||||
{
|
||||
DEBUG_SSL("No session ID to dump?\n");
|
||||
return;
|
||||
}
|
||||
- DEBUG_SSL("ssl_session_id(%d) = [", s->session_id_length);
|
||||
- for(i = 0; i < s->session_id_length; i++)
|
||||
+ session_id = SSL_SESSION_get_id(s, &session_id_length);
|
||||
+ DEBUG_SSL("ssl_session_id(%u) = [", session_id_length);
|
||||
+ for(i = 0; i < session_id_length; i++)
|
||||
{
|
||||
- DEBUG_SSL(" %02x", s->session_id[i]);
|
||||
+ DEBUG_SSL(" %02x", session_id[i]);
|
||||
}
|
||||
DEBUG_SSL("]\n");
|
||||
return;
|
||||
@@ -394,10 +396,10 @@ static int my_ssl_verify_callback(int ok, X509_STORE_C
|
||||
else
|
||||
ok = 0;
|
||||
}
|
||||
- switch (ctx->error)
|
||||
+ switch (err)
|
||||
{
|
||||
case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
|
||||
- X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256);
|
||||
+ X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
|
||||
DEBUG_SSL("Issuer: %s\n", buf);
|
||||
break;
|
||||
case X509_V_ERR_CERT_NOT_YET_VALID:
|
||||
@@ -543,12 +545,16 @@ bufio *my_ssl_do_connect(doc * docp, bufio * socket,
|
||||
|
||||
switch (cfg.ssl_version)
|
||||
{
|
||||
+#ifndef OPENSSL_NO_SSL2
|
||||
case 2:
|
||||
method = SSLv2_client_method();
|
||||
break;
|
||||
+#endif
|
||||
+#ifndef OPENSSL_NO_SSL3
|
||||
case 3:
|
||||
method = SSLv3_client_method();
|
||||
break;
|
||||
+#endif
|
||||
#ifdef WITH_SSL_TLS1
|
||||
case 4:
|
||||
method = TLSv1_client_method();
|
||||
Loading…
Add table
Add a link
Reference in a new issue