void-packages/srcpkgs/openconnect/patches/libressl.patch

59 lines
2.1 KiB
Diff

diff --git openssl-esp.c openssl-esp.c
index 8b51832..d9cde85 100644
--- openssl-esp.c
+++ openssl-esp.c
@@ -27,7 +27,7 @@
#include <openssl/evp.h>
#include <openssl/rand.h>
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#define EVP_CIPHER_CTX_free(c) do { \
EVP_CIPHER_CTX_cleanup(c); \
@@ -85,7 +85,7 @@ static int init_esp_ciphers(struct openconnect_info *vpninfo, struct esp *esp,
}
EVP_CIPHER_CTX_set_padding(esp->cipher, 0);
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
esp->hmac = malloc(sizeof(*esp->hmac));
esp->pkt_hmac = malloc(sizeof(*esp->pkt_hmac));
if (!esp->hmac || &esp->pkt_hmac) {
diff --git openssl.c openssl.c
index 785fd2a..6007cef 100644
--- openssl.c
+++ openssl.c
@@ -36,11 +36,11 @@
#include <openssl/ui.h>
#include <openssl/rsa.h>
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#define X509_up_ref(x) CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_X509)
#endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#define EVP_MD_CTX_new EVP_MD_CTX_create
#define EVP_MD_CTX_free EVP_MD_CTX_destroy
#define X509_STORE_CTX_get0_chain(ctx) ((ctx)->chain)
@@ -991,7 +991,7 @@ static int set_peer_cert_hash(struct openconnect_info *vpninfo)
return 0;
}
-#if OPENSSL_VERSION_NUMBER < 0x10002000L
+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
static int match_hostname_elem(const char *hostname, int helem_len,
const char *match, int melem_len)
{
@@ -1653,7 +1653,7 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
* 4fcdd66fff5fea0cfa1055c6680a76a4303f28a2
* cd6bd5ffda616822b52104fee0c4c7d623fd4f53
*/
-#if OPENSSL_VERSION_NUMBER >= 0x10001070
+#if OPENSSL_VERSION_NUMBER >= 0x10001070 || defined(LIBRESSL_VERSION_NUMBER)
if (string_is_hostname(vpninfo->hostname))
SSL_set_tlsext_host_name(https_ssl, vpninfo->hostname);
#endif