freeradius2: completely disable runtime OpenSSL version checks 2194/head
authorJo-Philipp Wich <jow@openwrt.org>
Mon, 28 Dec 2015 14:19:43 +0000 (15:19 +0100)
committerJo-Philipp Wich <jow@openwrt.org>
Mon, 28 Dec 2015 14:26:44 +0000 (15:26 +0100)
Whenever we ship fixed libopenssl binaries in BB, the Freeradius daemon fails
at startup because it detects a mismatch of the build time and runtime OpenSSL
version.

Since our OpenSSL updates for BB are ABI compatible we do not need or even want
this superfluous check. Removing it saves us the effort to rebuild Freeradius
after every OpenSSL version bump.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
net/freeradius2/Makefile
net/freeradius2/patches/010-disable-openssl-check.patch [new file with mode: 0644]
net/freeradius2/patches/010-disbale-openssl-check.patch [deleted file]
net/freeradius2/patches/011-upstram-relax-ssl-version-checks.patch [deleted file]

index 89619cc837702ac62ad02acca202ea28fcc9f0a2..3f77189d2b881e1d14f2c86716e740c76e2e6c8d 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=freeradius2
 PKG_VERSION:=2.2.5
-PKG_RELEASE:=2.1
+PKG_RELEASE:=2.2
 
 PKG_SOURCE:=freeradius-server-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=\
diff --git a/net/freeradius2/patches/010-disable-openssl-check.patch b/net/freeradius2/patches/010-disable-openssl-check.patch
new file mode 100644 (file)
index 0000000..d0da5f4
--- /dev/null
@@ -0,0 +1,56 @@
+--- a/configure.in
++++ b/configure.in
+@@ -832,35 +832,6 @@ if test "x$WITH_OPENSSL" = xyes; then
+     OPENSSL_INCLUDE="-DOPENSSL_NO_KRB5"
+   fi
+-  dnl #
+-  dnl #  Now check that the header versions match the library
+-  dnl #
+-  AC_MSG_CHECKING([OpenSSL library and header version consistency])
+-  AC_RUN_IFELSE(
+-    [AC_LANG_PROGRAM(
+-      [[
+-        #include <stdio.h>
+-        #include <openssl/opensslv.h>
+-        #include <openssl/crypto.h>
+-      ]],
+-      [[
+-        if (SSLeay() == OPENSSL_VERSION_NUMBER) {
+-          return 0;
+-        } else {
+-          printf("library: %lx header: %lx... ", (unsigned long) SSLeay(), (unsigned long) OPENSSL_VERSION_NUMBER);
+-          return 1;
+-        }
+-      ]]
+-    )],
+-    [
+-      AC_MSG_RESULT(yes)
+-    ],
+-    [
+-      AC_MSG_RESULT(no)
+-      AC_MSG_FAILURE([OpenSSL library version does not match header version])
+-    ]
+-  )
+-
+   if test "x$OPENSSL_LIBS" = x; then
+     LIBS=$old_LIBS
+     LDFLAGS="$old_LDFLAGS"
+--- a/src/main/version.c
++++ b/src/main/version.c
+@@ -43,6 +43,7 @@ static long ssl_built = OPENSSL_VERSION_
+  */
+ int ssl_check_version(int allow_vulnerable)
+ {
++#if 0
+       long ssl_linked;
+       /*
+@@ -74,6 +75,7 @@ int ssl_check_version(int allow_vulnerab
+                       return -1;
+               }
+       }
++#endif
+       return 0;
+ }
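Review bot: The `#if 0`/`#endif` pair added to `ssl_check_version()` in the `src/main/version.c` part of this patch compiles out the whole function body, not just the build-versus-linked comparison the commit message targets. Judging from the `if (!allow_vulnerable) {` / `/* Check for bad versions */` context visible in the deleted 011 patch, that body likely also holds the refusal to start against a known-bad libssl. With it disabled, `allow_vulnerable` is ignored and the function always returns 0, so a bad runtime OpenSSL is neither logged nor blocked. If only the mismatch check is unwanted, keep the `long ssl_linked;` declaration, `ssl_linked = SSLeay();` and the `if (!allow_vulnerable) { ... }` block live and wrap just the comparison in `#if 0`. The middle of the function lies between the two inner hunks and is not visible here, so confirm the extent against the 2.2.5 source; if dropping both checks is intended, a comment such as `/* OpenWrt: all libssl version checks disabled; allow_vulnerable is ignored */` above `#if 0` would record that.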
diff --git a/net/freeradius2/patches/010-disbale-openssl-check.patch b/net/freeradius2/patches/010-disbale-openssl-check.patch
deleted file mode 100644 (file)
index 4bf2252..0000000
+++ /dev/null
@@ -1,38 +0,0 @@
---- a/configure.in
-+++ b/configure.in
-@@ -832,35 +832,6 @@ if test "x$WITH_OPENSSL" = xyes; then
-     OPENSSL_INCLUDE="-DOPENSSL_NO_KRB5"
-   fi
--  dnl #
--  dnl #  Now check that the header versions match the library
--  dnl #
--  AC_MSG_CHECKING([OpenSSL library and header version consistency])
--  AC_RUN_IFELSE(
--    [AC_LANG_PROGRAM(
--      [[
--        #include <stdio.h>
--        #include <openssl/opensslv.h>
--        #include <openssl/crypto.h>
--      ]],
--      [[
--        if (SSLeay() == OPENSSL_VERSION_NUMBER) {
--          return 0;
--        } else {
--          printf("library: %lx header: %lx... ", (unsigned long) SSLeay(), (unsigned long) OPENSSL_VERSION_NUMBER);
--          return 1;
--        }
--      ]]
--    )],
--    [
--      AC_MSG_RESULT(yes)
--    ],
--    [
--      AC_MSG_RESULT(no)
--      AC_MSG_FAILURE([OpenSSL library version does not match header version])
--    ]
--  )
--
-   if test "x$OPENSSL_LIBS" = x; then
-     LIBS=$old_LIBS
-     LDFLAGS="$old_LDFLAGS"
diff --git a/net/freeradius2/patches/011-upstram-relax-ssl-version-checks.patch b/net/freeradius2/patches/011-upstram-relax-ssl-version-checks.patch
deleted file mode 100644 (file)
index 2b11d2d..0000000
+++ /dev/null
@@ -1,62 +0,0 @@
-From 5ae2a70a135062a025d8fabc104eeae3a2c53a7a Mon Sep 17 00:00:00 2001
-From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
-Date: Tue, 17 Jun 2014 10:09:24 +0100
-Subject: [PATCH] Relax libssl checks
-
----
- src/main/version.c |   35 ++++++++++++++++++++++++++++-------
- 1 file changed, 28 insertions(+), 7 deletions(-)
-
---- a/src/main/version.c
-+++ b/src/main/version.c
-@@ -34,7 +34,12 @@ RCSID("$Id: af82d4126a65d94929c22f44da2b
- static long ssl_built = OPENSSL_VERSION_NUMBER;
--/** Check build and linked versions of OpenSSL match
-+/** Check built and linked versions of OpenSSL match
-+ *
-+ * OpenSSL version number consists of:
-+ * MMNNFFPPS: major minor fix patch status
-+ *
-+ * Where status >= 0 && < 10 means beta, and status 10 means release.
-  *
-  * Startup check for whether the linked version of OpenSSL matches the
-  * version the server was built against.
-@@ -54,14 +59,30 @@ int ssl_check_version(int allow_vulnerab
-       ssl_linked = SSLeay();
--      if (ssl_linked != ssl_built) {
--              radlog(L_ERR, "libssl version mismatch."
--                     "  Built with: %lx\n  Linked: %lx",
--                     (unsigned long) ssl_built,
--                     (unsigned long) ssl_linked);
-+      /*
-+       *      Status mismatch always triggers error.
-+       */
-+      if ((ssl_linked & 0x00000000f) != (ssl_built & 0x00000000f)) {
-+      mismatch:
-+              radlog(L_ERR, "libssl version mismatch.  built: %lx linked: %lx",
-+                     (unsigned long) ssl_built, (unsigned long) ssl_linked);
-               return -1;
--      };
-+      }
-+
-+      /*
-+       *      Use the OpenSSH approach and relax fix checks after version
-+       *      1.0.0 and only allow moving backwards within a patch
-+       *      series.
-+       */
-+      if (ssl_built & 0xff) {
-+              if ((ssl_built & 0xffff) != (ssl_linked & 0xffff) ||
-+                  (ssl_built & 0x0000ff) > (ssl_linked & 0x0000ff)) goto mismatch;
-+      /*
-+       *      Before 1.0.0 we require the same major minor and fix version
-+       *      and ignore the patch number.
-+       */
-+      } else if ((ssl_built & 0xffffff) != (ssl_linked & 0xffffff)) goto mismatch;
-       if (!allow_vulnerable) {
-               /* Check for bad versions */