Page MenuHomeFreeBSD
Files F153176026

D37058.id111983.diff
No OneTemporary
Actions

D37058.id111983.diff
View Options

Index: net/freeradius3/files/patch-src_main_cb.c
===================================================================
--- /dev/null
+++ net/freeradius3/files/patch-src_main_cb.c
@@ -0,0 +1,20 @@
+--- src/main/cb.c.orig 2022-10-18 11:15:41 UTC
++++ src/main/cb.c
+@@ -64,7 +64,7 @@ void cbtls_info(SSL const *s, int where, int ret)
+ /*
+ * After a ClientHello, list all the proposed ciphers from the client
+ */
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ if (SSL_get_state(s) == TLS_ST_SR_CLNT_HELLO) {
+ int i;
+ int num_ciphers;
+@@ -192,7 +192,7 @@ void cbtls_msg(int write_p, int msg_version, int conte
+ state->info.alert_level = 0x00;
+ state->info.alert_description = 0x00;
+
+-#if OPENSSL_VERSION_NUMBER >= 0x10101000L
++#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
+ } else if (content_type == SSL3_RT_INNER_CONTENT_TYPE && buf[0] == SSL3_RT_APPLICATION_DATA) {
+ /* let tls_ack_handler set application_data */
+ state->info.content_type = SSL3_RT_HANDSHAKE;
Index: net/freeradius3/files/patch-src_main_threads.c
===================================================================
--- /dev/null
+++ net/freeradius3/files/patch-src_main_threads.c
@@ -0,0 +1,11 @@
+--- src/main/threads.c.orig 2022-10-18 11:09:43 UTC
++++ src/main/threads.c
+@@ -860,7 +860,7 @@ static void *request_handler_thread(void *arg)
+ */
+ #if OPENSSL_VERSION_NUMBER < 0x10000000L
+ ERR_remove_state(0);
+-#elif OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
++#elif OPENSSL_VERSION_NUMBER < 0x10100000L
+ ERR_remove_thread_state(NULL);
+ #endif
+ #endif
Index: net/freeradius3/files/patch-src_main_tls.c
===================================================================
--- /dev/null
+++ net/freeradius3/files/patch-src_main_tls.c
@@ -0,0 +1,98 @@
+--- src/main/tls.c.orig 2022-10-18 11:08:25 UTC
++++ src/main/tls.c
+@@ -622,7 +622,7 @@ tls_session_t *tls_new_session(TALLOC_CTX *ctx, fr_tls
+ /*
+ * Swap empty store with the old one.
+ */
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ conf->old_x509_store = SSL_CTX_get_cert_store(conf->ctx);
+ /* Bump refcnt so the store is kept allocated till next store replacement */
+ X509_STORE_up_ref(conf->old_x509_store);
+@@ -1920,7 +1920,7 @@ done:
+ return 0;
+ }
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ static SSL_SESSION *cbtls_get_session(SSL *ssl, unsigned char *data, int len, int *copy)
+ #else
+ static SSL_SESSION *cbtls_get_session(SSL *ssl, const unsigned char *data, int len, int *copy)
+@@ -2304,7 +2304,7 @@ static int cbtls_cache_refresh(SSL *ssl, SSL_SESSION *
+ return 0;
+ }
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ static SSL_SESSION *cbtls_cache_load(SSL *ssl, unsigned char *data, int len, int *copy)
+ #else
+ static SSL_SESSION *cbtls_cache_load(SSL *ssl, const unsigned char *data, int len, int *copy)
+@@ -2840,7 +2840,7 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
+ char cn_str[1024];
+ char buf[64];
+ X509 *client_cert;
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ const STACK_OF(X509_EXTENSION) *ext_list;
+ #else
+ STACK_OF(X509_EXTENSION) *ext_list;
+@@ -3058,7 +3058,7 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
+ }
+
+ if (lookup == 0) {
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ ext_list = X509_get0_extensions(client_cert);
+ #else
+ X509_CINF *client_inf;
+@@ -3111,7 +3111,7 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
+ value[0] = '0';
+ value[1] = 'x';
+ const unsigned char *srcp;
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ const ASN1_STRING *srcasn1p;
+ srcasn1p = X509_EXTENSION_get_data(ext);
+ srcp = ASN1_STRING_get0_data(srcasn1p);
+@@ -3570,7 +3570,7 @@ void tls_global_cleanup(void)
+ {
+ #if OPENSSL_VERSION_NUMBER < 0x10000000L
+ ERR_remove_state(0);
+-#elif OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
++#elif OPENSSL_VERSION_NUMBER < 0x10100000L
+ ERR_remove_thread_state(NULL);
+ #endif
+ #ifndef OPENSSL_NO_ENGINE
+@@ -4281,7 +4281,6 @@ post_ca:
+ SSL_CTX_set_verify_depth(ctx, conf->verify_depth);
+ }
+
+-#ifndef LIBRESSL_VERSION_NUMBER
+ /* Load randomness */
+ if (conf->random_file) {
+ if (!(RAND_load_file(conf->random_file, 1024*10))) {
+@@ -4289,7 +4288,6 @@ post_ca:
+ return NULL;
+ }
+ }
+-#endif
+
+ /*
+ * Set the cipher list if we were told to
+@@ -4336,14 +4334,14 @@ post_ca:
+ */
+ SSL_CTX_sess_set_cache_size(ctx, conf->session_cache_size);
+
+-#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10101000L
+ SSL_CTX_set_num_tickets(ctx, 1);
+ #endif
+
+ } else {
+ SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
+
+-#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10101000L
+ /*
+ * This controls the number of stateful or stateless tickets
+ * generated with TLS 1.3. In OpenSSL 1.1.1 it's also
Index: net/freeradius3/files/patch-src_modules_rlm__eap_types_rlm__eap__fast_eap__fast.c
===================================================================
--- /dev/null
+++ net/freeradius3/files/patch-src_modules_rlm__eap_types_rlm__eap__fast_eap__fast.c
@@ -0,0 +1,11 @@
+--- src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c.orig 2022-10-18 11:10:14 UTC
++++ src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c
+@@ -44,7 +44,7 @@ static int openssl_get_keyblock_size(REQUEST *request,
+ {
+ const EVP_CIPHER *c;
+ const EVP_MD *h;
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ int md_size;
+
+ if (ssl->enc_read_ctx == NULL || ssl->enc_read_ctx->cipher == NULL ||
Index: net/freeradius3/files/patch-src_modules_rlm__eap_types_rlm__eap__fast_rlm__eap__fast.c
===================================================================
--- /dev/null
+++ net/freeradius3/files/patch-src_modules_rlm__eap_types_rlm__eap__fast_rlm__eap__fast.c
@@ -0,0 +1,29 @@
+--- src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c.orig 2022-10-18 11:10:50 UTC
++++ src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c
+@@ -200,7 +200,7 @@ static void eap_fast_session_ticket(tls_session_t *tls
+ }
+
+ // hostap:src/crypto/tls_openssl.c:tls_sess_sec_cb()
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ static int _session_secret(SSL *s, void *secret, int *secret_len,
+ UNUSED STACK_OF(SSL_CIPHER) *peer_ciphers,
+ UNUSED SSL_CIPHER **cipher, void *arg)
+@@ -224,7 +224,7 @@ static int _session_secret(SSL *s, void *secret, int *
+
+ RDEBUG("processing PAC-Opaque");
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ eap_fast_session_ticket(tls_session, s->s3->client_random, s->s3->server_random, secret, secret_len);
+ #else
+ uint8_t client_random[SSL3_RANDOM_SIZE];
+@@ -590,7 +590,7 @@ static int mod_session_init(void *type_arg, eap_handle
+ }
+ }
+
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ {
+ int i;
+ for (i = 0; ; i++) {

File Metadata

Mime Type
text/plain
Expires
Mon, Apr 20, 3:08 PM (3 h, 19 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
31847287
Default Alt Text
D37058.id111983.diff (7 KB)

Event Timeline