diff options
| author |   Aaron Bauman <bman@gentoo.org> | 2018-04-18 23:04:01 -0400 |
|---|---|---|
| committer | Aaron Bauman <bman@gentoo.org> | 2018-04-18 23:04:14 -0400 |
| commit | 858ab8314e6296e4b45e78992d07c1f22f0bf7a5 (patch) | |
| tree | f531e05c2fb3a8543d67a22ac4dc5e5d1e3760bb /net-wireless/hostapd/files | |
| parent | net-wireless/wpa_supplicant: bug #625458 (diff) | |
| download | gentoo-858ab8314e6296e4b45e78992d07c1f22f0bf7a5.tar.gz gentoo-858ab8314e6296e4b45e78992d07c1f22f0bf7a5.tar.bz2 gentoo-858ab8314e6296e4b45e78992d07c1f22f0bf7a5.zip | |
net-wireless/hostapd: add LibreSSL support
This patch adds support for LibreSSL and ensures compatibility with
dev-libs/libressl-2.7.x. Patch was backported from upstream commits:
ba3658cfff2278bc2ba24c32773962b37648d0b2
dee566d98e85e00b917d3eff42cd7e969de089cc
Closes: https://bugs.gentoo.org/567262
Package-Manager: Portage-2.3.29, Repoman-2.3.9
Diffstat (limited to 'net-wireless/hostapd/files')
| -rw-r--r-- | net-wireless/hostapd/files/hostapd-2.6-libressl-compatibility.patch | 106 |
1 files changed, 106 insertions, 0 deletions
diff --git a/net-wireless/hostapd/files/hostapd-2.6-libressl-compatibility.patch b/net-wireless/hostapd/files/hostapd-2.6-libressl-compatibility.patch new file mode 100644 index 000000000000..025da58028da --- /dev/null +++ b/net-wireless/hostapd/files/hostapd-2.6-libressl-compatibility.patch @@ -0,0 +1,106 @@ +diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c +index 19e0e2be8..6585c0245 100644 +--- a/src/crypto/crypto_openssl.c ++++ b/src/crypto/crypto_openssl.c +@@ -33,7 +33,9 @@ + #include "aes_wrap.h" + #include "crypto.h" + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && \ ++ LIBRESSL_VERSION_NUMBER < 0x20700000L) + /* Compatibility wrappers for older versions. */ + + static HMAC_CTX * HMAC_CTX_new(void) +@@ -79,7 +81,9 @@ static void EVP_MD_CTX_free(EVP_MD_CTX *ctx) + + static BIGNUM * get_group5_prime(void) + { +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \ ++ !(defined(LIBRESSL_VERSION_NUMBER) && \ ++ LIBRESSL_VERSION_NUMBER < 0x20700000L) + return BN_get_rfc3526_prime_1536(NULL); + #elif !defined(OPENSSL_IS_BORINGSSL) + return get_rfc3526_prime_1536(NULL); +@@ -611,7 +615,9 @@ void crypto_cipher_deinit(struct crypto_cipher *ctx) + + void * dh5_init(struct wpabuf **priv, struct wpabuf **publ) + { +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && \ ++ LIBRESSL_VERSION_NUMBER < 0x20700000L) + DH *dh; + struct wpabuf *pubkey = NULL, *privkey = NULL; + size_t publen, privlen; +@@ -712,7 +718,9 @@ err: + + void * dh5_init_fixed(const struct wpabuf *priv, const struct wpabuf *publ) + { +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && \ ++ LIBRESSL_VERSION_NUMBER < 0x20700000L) + DH *dh; + + dh = DH_new(); +diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c +index 23ac64b48..91acc579d 100644 +--- a/src/crypto/tls_openssl.c ++++ b/src/crypto/tls_openssl.c +@@ -59,7 +59,8 @@ typedef int stack_index_t; + #endif /* SSL_set_tlsext_status_type */ + + #if (OPENSSL_VERSION_NUMBER < 0x10100000L || \ +- defined(LIBRESSL_VERSION_NUMBER)) && \ ++ (defined(LIBRESSL_VERSION_NUMBER) && \ ++ LIBRESSL_VERSION_NUMBER < 0x20700000L)) && \ + !defined(BORINGSSL_API_VERSION) + /* + * SSL_get_client_random() and SSL_get_server_random() were added in OpenSSL +@@ -919,7 +920,9 @@ void * tls_init(const struct tls_config *conf) + } + #endif /* OPENSSL_FIPS */ + #endif /* CONFIG_FIPS */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && \ ++ LIBRESSL_VERSION_NUMBER < 0x20700000L) + SSL_load_error_strings(); + SSL_library_init(); + #ifndef OPENSSL_NO_SHA256 +@@ -1043,7 +1046,9 @@ void tls_deinit(void *ssl_ctx) + + tls_openssl_ref_count--; + if (tls_openssl_ref_count == 0) { +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && \ ++ LIBRESSL_VERSION_NUMBER < 0x20700000L) + #ifndef OPENSSL_NO_ENGINE + ENGINE_cleanup(); + #endif /* OPENSSL_NO_ENGINE */ +@@ -3105,7 +3110,9 @@ int tls_connection_get_random(void *ssl_ctx, struct tls_connection *conn, + #ifdef OPENSSL_NEED_EAP_FAST_PRF + static int openssl_get_keyblock_size(SSL *ssl) + { +-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && \ ++ LIBRESSL_VERSION_NUMBER < 0x20700000L) + const EVP_CIPHER *c; + const EVP_MD *h; + int md_size; +@@ -4159,7 +4166,9 @@ static int tls_sess_sec_cb(SSL *s, void *secret, int *secret_len, + struct tls_connection *conn = arg; + int ret; + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && \ ++ LIBRESSL_VERSION_NUMBER < 0x20700000L) + if (conn == NULL || conn->session_ticket_cb == NULL) + return 0; + |