Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
View | Details | Raw Unified | Return to bug 605026 | Differences between
and this patch

Collapse All | Expand All

(-)a/configure.in (+5 lines)
Lines 1122-1127 else Link Here
1122
			if test "$cf_result" != yes; then
1122
			if test "$cf_result" != yes; then
1123
				AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <openssl/ssl.h>]], [[SSLeay_add_ssl_algorithms()]])],[cf_result=yes],[cf_result=no])
1123
				AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <openssl/ssl.h>]], [[SSLeay_add_ssl_algorithms()]])],[cf_result=yes],[cf_result=no])
1124
			fi
1124
			fi
1125
			if test "$cf_result" != yes; then
1126
				AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <openssl/crypto.h>]], [[OpenSSL_version_num()]])],[cf_result=yes],[cf_result=no])
1127
			fi
1125
		fi
1128
		fi
1126
	done
1129
	done
1127
1130
Lines 1136-1141 else Link Here
1136
1139
1137
		CFLAGS="$CFLAGS_X"
1140
		CFLAGS="$CFLAGS_X"
1138
		AC_SUBST(OPENSSL_CFLAGS)
1141
		AC_SUBST(OPENSSL_CFLAGS)
1142
1143
		AC_CHECK_FUNCS([SSL_set_options] [ASN1_STRING_get0_data] [SSL_get_SSL_CTX])
1139
	fi
1144
	fi
1140
fi
1145
fi
1141
1146
(-)a/src/network/ssl/socket.c (+12 lines)
Lines 81-87 static void Link Here
81
ssl_set_no_tls(struct socket *socket)
81
ssl_set_no_tls(struct socket *socket)
82
{
82
{
83
#ifdef CONFIG_OPENSSL
83
#ifdef CONFIG_OPENSSL
84
#ifdef HAVE_SSL_SET_OPTIONS
85
	SSL_set_options((ssl_t *) socket->ssl, SSL_OP_NO_TLSv1);
86
#else
84
	((ssl_t *) socket->ssl)->options |= SSL_OP_NO_TLSv1;
87
	((ssl_t *) socket->ssl)->options |= SSL_OP_NO_TLSv1;
88
#endif /* HAVE_SSL_SET_OPTIONS */
85
#elif defined(CONFIG_GNUTLS)
89
#elif defined(CONFIG_GNUTLS)
86
	/* There is another gnutls_priority_set_direct call elsewhere
90
	/* There is another gnutls_priority_set_direct call elsewhere
87
	 * in ELinks.  If you change the priorities here, please check
91
	 * in ELinks.  If you change the priorities here, please check
Lines 246-252 static int Link Here
246
match_uri_host_ip(const unsigned char *uri_host,
250
match_uri_host_ip(const unsigned char *uri_host,
247
		  ASN1_OCTET_STRING *cert_host_asn1)
251
		  ASN1_OCTET_STRING *cert_host_asn1)
248
{
252
{
253
#ifdef HAVE_ASN1_STRING_GET0_DATA
254
	const unsigned char *cert_host_addr = ASN1_STRING_get0_data(cert_host_asn1);
255
#else
249
	const unsigned char *cert_host_addr = ASN1_STRING_data(cert_host_asn1);
256
	const unsigned char *cert_host_addr = ASN1_STRING_data(cert_host_asn1);
257
#endif /* HAVE_ASN1_STRING_GET0_DATA */
250
	struct in_addr uri_host_in;
258
	struct in_addr uri_host_in;
251
#ifdef CONFIG_IPV6
259
#ifdef CONFIG_IPV6
252
	struct in6_addr uri_host_in6;
260
	struct in6_addr uri_host_in6;
Lines 453-459 ssl_connect(struct socket *socket) Link Here
453
					(SSL *) socket->ssl,
461
					(SSL *) socket->ssl,
454
					client_cert);
462
					client_cert);
455
#else
463
#else
464
#ifdef HAVE_SSL_GET_SSL_CTX
465
			SSL_CTX *ctx = SSL_get_SSL_CTX(socket->ssl);
466
#else
456
			SSL_CTX *ctx = ((SSL *) socket->ssl)->ctx;
467
			SSL_CTX *ctx = ((SSL *) socket->ssl)->ctx;
468
#endif /* HAVE_SSL_GET_SSL_CTX */
457
469
458
			SSL_CTX_use_certificate_chain_file(ctx, client_cert);
470
			SSL_CTX_use_certificate_chain_file(ctx, client_cert);
459
			SSL_CTX_use_PrivateKey_file(ctx, client_cert,
471
			SSL_CTX_use_PrivateKey_file(ctx, client_cert,
(-)a/src/network/ssl/ssl.c (-1 / +7 lines)
Lines 7-12 Link Here
7
#ifdef CONFIG_OPENSSL
7
#ifdef CONFIG_OPENSSL
8
#include <openssl/ssl.h>
8
#include <openssl/ssl.h>
9
#include <openssl/rand.h>
9
#include <openssl/rand.h>
10
#include <openssl/opensslv.h>
10
#define USE_OPENSSL
11
#define USE_OPENSSL
11
#elif defined(CONFIG_NSS_COMPAT_OSSL)
12
#elif defined(CONFIG_NSS_COMPAT_OSSL)
12
#include <nss_compat_ossl/nss_compat_ossl.h>
13
#include <nss_compat_ossl/nss_compat_ossl.h>
Lines 95-101 init_openssl(struct module *module) Link Here
95
	}
96
	}
96
#endif
97
#endif
97
98
99
#if OPENSSL_VERSION_NUMBER < 0x10100000L
98
	SSLeay_add_ssl_algorithms();
100
	SSLeay_add_ssl_algorithms();
101
#endif
99
	context = SSL_CTX_new(SSLv23_client_method());
102
	context = SSL_CTX_new(SSLv23_client_method());
100
	SSL_CTX_set_options(context, SSL_OP_ALL);
103
	SSL_CTX_set_options(context, SSL_OP_ALL);
101
	SSL_CTX_set_default_verify_paths(context);
104
	SSL_CTX_set_default_verify_paths(context);
Lines 432-438 void Link Here
432
random_nonce(unsigned char buf[], size_t size)
435
random_nonce(unsigned char buf[], size_t size)
433
{
436
{
434
#ifdef USE_OPENSSL
437
#ifdef USE_OPENSSL
438
#if OPENSSL_VERSION_NUMBER < 0x10100000L
435
	RAND_pseudo_bytes(buf, size);
439
	RAND_pseudo_bytes(buf, size);
440
#else
441
	RAND_bytes(buf, size);
442
#endif
436
#elif defined(CONFIG_GNUTLS)
443
#elif defined(CONFIG_GNUTLS)
437
	gcry_create_nonce(buf, size);
444
	gcry_create_nonce(buf, size);
438
#else
445
#else
439
- 

Return to bug 605026