From 2c9f89cc7678e6d2f0abfdcffec97463422da704 Mon Sep 17 00:00:00 2001 From: Eneas U de Queiroz Date: Thu, 13 Dec 2018 00:25:16 -0200 Subject: [PATCH] hnetd: add compatiblity with openssl 1.1.x Signed-off-by: Eneas U de Queiroz --- hnetd/Makefile | 2 +- ...1-dtls.c-Update-openssl-API-to-1.1.0.patch | 71 +++++++++++++++++++ 2 files changed, 72 insertions(+), 1 deletion(-) create mode 100644 hnetd/patches/0001-dtls.c-Update-openssl-API-to-1.1.0.patch diff --git a/hnetd/Makefile b/hnetd/Makefile index 6390f13..8689972 100644 --- a/hnetd/Makefile +++ b/hnetd/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=hnetd PKG_SOURCE_VERSION:=606d7e904603ad8792ac1a7ba825618df97b5a4e PKG_VERSION:=2016-06-28-$(PKG_SOURCE_VERSION) -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/sbyx/hnetd.git diff --git a/hnetd/patches/0001-dtls.c-Update-openssl-API-to-1.1.0.patch b/hnetd/patches/0001-dtls.c-Update-openssl-API-to-1.1.0.patch new file mode 100644 index 0000000..36cce7d --- /dev/null +++ b/hnetd/patches/0001-dtls.c-Update-openssl-API-to-1.1.0.patch @@ -0,0 +1,71 @@ +From a9d47c87115bf69c19e9263efb90d5753456f1b9 Mon Sep 17 00:00:00 2001 +From: Eneas U de Queiroz +Date: Thu, 13 Dec 2018 00:20:57 -0200 +Subject: [PATCH] dtls.c: Update openssl API to 1.1.0 + +Use shims for compatiblity with previous versions. + +Signed-off-by: Eneas U de Queiroz +--- + src/dtls.c | 20 +++++++++++++++++--- + 1 file changed, 17 insertions(+), 3 deletions(-) + +diff --git a/src/dtls.c b/src/dtls.c +index ed5d408..511f724 100644 +--- a/src/dtls.c ++++ b/src/dtls.c +@@ -38,6 +38,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -168,6 +169,19 @@ static dtls_limits_s _default_limits = { + + static bool _ssl_initialized = false; + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L \ ++ || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L) ++static inline void *X509_STORE_get_ex_data(X509_STORE *ctx, int idx) ++{ ++ return CRYPTO_get_ex_data(&ctx->ex_data, idx); ++} ++ ++static inline int X509_STORE_set_ex_data(X509_STORE *ctx, int idx, void *data) ++{ ++ return CRYPTO_set_ex_data(&ctx->ex_data, idx, data); ++} ++#endif ++ + static bool _drain_errors() + { + if (!ERR_peek_error()) +@@ -863,7 +877,7 @@ ssize_t dtls_send(dtls d, + + static int _verify_cert_cb(int ok, X509_STORE_CTX *ctx) + { +- dtls d = CRYPTO_get_ex_data(&ctx->ctx->ex_data, 0); ++ dtls d = X509_STORE_get_ex_data(X509_STORE_CTX_get0_store(ctx), 0); + + if (!d) + { +@@ -916,7 +930,7 @@ bool dtls_set_local_cert(dtls d, const char *certfile, const char *pkfile) + |SSL_VERIFY_FAIL_IF_NO_PEER_CERT + #endif /* DTLS_OPENSSL */ + , _verify_cert_cb); +- CRYPTO_set_ex_data(&d->ssl_server_ctx->cert_store->ex_data, 0, d); ++ X509_STORE_set_ex_data(SSL_CTX_get_cert_store(d->ssl_server_ctx), 0, d); + + #ifndef USE_ONE_CONTEXT + R1("client cert", +@@ -928,7 +942,7 @@ bool dtls_set_local_cert(dtls d, const char *certfile, const char *pkfile) + |SSL_VERIFY_PEER_FAIL_IF_NO_PEER_CERT + #endif /* DTLS_OPENSSL */ + , _verify_cert_cb); +- CRYPTO_set_ex_data(&d->ssl_client_ctx->cert_store->ex_data, 0, d); ++ X509_STORE_set_ex_data(SSL_CTX_get_cert_store(d->ssl_client_ctx), 0, d); + #endif /* !USE_ONE_CONTEXT */ + + return true; -- 2.30.2