Diffstat (limited to 'security/softether-devel/files/patch-fix-build-openssl111')
-rw-r--r-- | security/softether-devel/files/patch-fix-build-openssl111 | 67 |
1 files changed, 46 insertions, 21 deletions
diff --git a/security/softether-devel/files/patch-fix-build-openssl111 b/security/softether-devel/files/patch-fix-build-openssl111
index a7a9608c576f..29b0ce358702 100644
--- a/security/softether-devel/files/patch-fix-build-openssl111
+++ b/security/softether-devel/files/patch-fix-build-openssl111
@@ -1,22 +1,47 @@
---- src/Mayaqua/Encrypt.c.orig 2018-11-06 08:15:31 UTC
-+++ src/Mayaqua/Encrypt.c
-@@ -2684,7 +2684,7 @@ bool RsaCheck()
- BIO *bio;
- char errbuf[MAX_SIZE];
- UINT size = 0;
-- UINT bit = 32;
-+ UINT bit = RSA_KEY_SIZE;
- // Validate arguments
+--- src/Mayaqua/Network.c.orig 2019-07-09 22:00:31.540606000 +0900
++++ src/Mayaqua/Network.c 2019-07-09 22:00:37.550748000 +0900
+@@ -5946,6 +5946,10 @@
+ return 1;
+ }
 
- // Key generation
---- src/Mayaqua/Encrypt.h.orig 2018-11-06 08:15:31 UTC
-+++ src/Mayaqua/Encrypt.h
-@@ -128,7 +128,7 @@ void RAND_Free_For_SoftEther();
- #define DES_IV_SIZE 8 // DES IV size
- #define DES_BLOCK_SIZE 8 // DES block size
- #define DES3_KEY_SIZE (8 * 3) // 3DES key size
--#define RSA_KEY_SIZE 128 // RSA key size
-+#define RSA_KEY_SIZE 4096 // RSA key size
- #define DH_KEY_SIZE 128 // DH key size
- #define RSA_MIN_SIGN_HASH_SIZE (15 + SHA1_HASH_SIZE) // Minimum RSA hash size
- #define RSA_SIGN_HASH_SIZE (RSA_MIN_SIGN_HASH_SIZE) // RSA hash size
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#define X509_STORE_CTX_get0_cert(o) ((o)->cert)
++#endif
++
+ // Verify client SSL certificate during TLS handshake.
+ //
+ // (actually, only save the certificate for later authentication in Protocol.c)
+@@ -5953,27 +5957,27 @@
+ {
+ SSL *ssl;
+ struct SslClientCertInfo *clientcert;
++ X509 *cert;
+ 
+ ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+ clientcert = SSL_get_ex_data(ssl, GetSslClientCertIndex());
+ 
+ if (clientcert != NULL)
+ {
+- clientcert->PreverifyErr = 0;
++ clientcert->PreverifyErr = X509_STORE_CTX_get_error(ctx);
+ clientcert->PreverifyErrMessage[0] = '\0';
+ if (!preverify_ok)
+ {
+- char *msg;
+- clientcert->PreverifyErr = X509_STORE_CTX_get_error(ctx);
+- msg = (char *)X509_verify_cert_error_string(clientcert->PreverifyErr);
++ const char *msg = X509_verify_cert_error_string(clientcert->PreverifyErr);
+ StrCpy(clientcert->PreverifyErrMessage, PREVERIFY_ERR_MESSAGE_SIZE, msg);
+ Debug("SslCertVerifyCallback preverify error: '%s'\n", msg);
+ }
+ else
+ {
+- if (ctx->cert != NULL)
++ cert = X509_STORE_CTX_get0_cert(ctx);
++ if (cert != NULL)
+ {
+- X *tmpX = X509ToX(ctx->cert); // this only wraps ctx->cert, but we need to make a copy
++ X *tmpX = X509ToX(cert); // this only wraps cert, but we need to make a copy
+ X *copyX = CloneX(tmpX);
+ tmpX->do_not_free = true; // do not release inner X509 object
+ FreeX(tmpX); |
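Review bot: In the patched verify callback, `clientcert->PreverifyErr` is now overwritten with `X509_STORE_CTX_get_error(ctx)` and `PreverifyErrMessage` is cleared on every invocation, while the message is filled only under `!preverify_ok`; because OpenSSL invokes the verify callback once per chain certificate, the saved pair reflects only the last invocation and the two fields can disagree (non-zero code, empty message) if the context still reports an earlier error, which I have not confirmed for every supported OpenSSL version. Since the callback only records the result for the later authentication in Protocol.c, that consumer must treat any `PreverifyErr != X509_V_OK` as a failed verification and never infer success from an empty message; a comment such as `// PreverifyErr is authoritative; the message is only set when this call failed` above the assignment would make that contract explicit. Separately, the `OPENSSL_VERSION_NUMBER < 0x10100000L` guard does not cover LibreSSL, which reports 0x20000000L, so a build against a LibreSSL release lacking `X509_STORE_CTX_get0_cert` would need an additional `LIBRESSL_VERSION_NUMBER` check. The callback body begins and ends outside the inner hunk, so its return value is not visible here.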