void-packages/srcpkgs/stunnel/patches/stunnel-libressl.patch

50 lines
2.0 KiB
Diff

--- src/verify.c.orig 2015-04-24 12:13:40.887968414 +0200
+++ src/verify.c 2015-04-24 12:16:03.379359153 +0200
@@ -48,7 +48,7 @@
NOEXPORT int verify_callback(int, X509_STORE_CTX *);
NOEXPORT int verify_checks(CLI *, int, X509_STORE_CTX *);
NOEXPORT int cert_check(CLI *, X509_STORE_CTX *, int);
-#if OPENSSL_VERSION_NUMBER>=0x10002000L
+#if OPENSSL_VERSION_NUMBER>=0x10002000L && OPENSSL_VERSION_NUMBER<0x20000000L
NOEXPORT int cert_check_subject(CLI *, X509_STORE_CTX *);
#endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
NOEXPORT int cert_check_local(X509_STORE_CTX *);
@@ -258,7 +258,7 @@
}
if(depth==0) { /* additional peer certificate checks */
-#if OPENSSL_VERSION_NUMBER>=0x10002000L
+#if OPENSSL_VERSION_NUMBER>=0x10002000L && OPENSSL_VERSION_NUMBER<0x20000000L
if(!cert_check_subject(c, callback_ctx))
return 0; /* reject */
#endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
@@ -269,7 +269,7 @@
return 1; /* accept */
}
-#if OPENSSL_VERSION_NUMBER>=0x10002000L
+#if OPENSSL_VERSION_NUMBER>=0x10002000L && OPENSSL_VERSION_NUMBER<0x20000000L
NOEXPORT int cert_check_subject(CLI *c, X509_STORE_CTX *callback_ctx) {
X509 *cert=X509_STORE_CTX_get_current_cert(callback_ctx);
NAME_LIST *ptr;
--- src/options.c.orig
+++ src/options.c
@@ -2450,7 +2450,7 @@
/* sslVersion */
switch(cmd) {
case CMD_BEGIN:
-#if OPENSSL_VERSION_NUMBER>=0x10100000L
+#if OPENSSL_VERSION_NUMBER>=0x10100000L && OPENSSL_VERSION_NUMBER<0x20000000L
section->client_method=(SSL_METHOD *)TLS_client_method();
section->server_method=(SSL_METHOD *)TLS_server_method();
#else
@@ -2462,7 +2462,7 @@
if(strcasecmp(opt, "sslVersion"))
break;
if(!strcasecmp(arg, "all")) {
-#if OPENSSL_VERSION_NUMBER>=0x10100000L
+#if OPENSSL_VERSION_NUMBER>=0x10100000L && OPENSSL_VERSION_NUMBER<0x20000000L
section->client_method=(SSL_METHOD *)TLS_client_method();
section->server_method=(SSL_METHOD *)TLS_server_method();
#else