OpenConnect 7.07 fails to build with LibreSSL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

We've found issues building OpenConnect 7.07 with LibreSSL which were
introduced by the OpenSSL 1.1.0 changes. This is caused by LibreSSL
setting OPENSSL_VERSION_NUMBER to 0x20000000L. The LibreSSL project
includes a define LIBRESSL_VERSION_NUMBER in openssl/opensslv.h that can
be used to fix build errors like this.

I've added the patch to the FreeBSD wiki page on LibreSSL
(https://wiki.freebsd.org/LibreSSL/Ports)

- --- openssl.c.orig      2016-07-09 14:43:41 UTC
+++ openssl.c
@@ -36,11 +36,11 @@
 #include <openssl/ui.h>
 #include <openssl/rsa.h>

- -#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined
(LIBRESSL_VERSION_NUMBER)
 #define X509_up_ref(x)         CRYPTO_add(&(x)->references, 1,
CRYPTO_LOCK_X509)
 #endif

- -#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined
(LIBRESSL_VERSION_NUMBER)
 #define EVP_MD_CTX_new EVP_MD_CTX_create
 #define EVP_MD_CTX_free EVP_MD_CTX_destroy
 #define X509_STORE_CTX_get0_chain(ctx) ((ctx)->chain)
@@ -991,7 +991,7 @@ static int set_peer_cert_hash(struct ope
        return 0;
 }

- -#if OPENSSL_VERSION_NUMBER < 0x10002000L
+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined
(LIBRESSL_VERSION_NUMBER)
 static int match_hostname_elem(const char *hostname, int helem_len,
                               const char *match, int melem_len)
 {
- --- openssl-esp.c.orig  2016-07-08 15:35:18 UTC
+++ openssl-esp.c
@@ -27,7 +27,7 @@
 #include <openssl/evp.h>
 #include <openssl/rand.h>

- -#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L ||
defined(LIBRESSL_VERSION_NUMBER)

 #define EVP_CIPHER_CTX_free(c) do {                            \
                                    EVP_CIPHER_CTX_cleanup(c);  \
@@ -85,7 +85,7 @@ static int init_esp_ciphers(struct openc
        }
        EVP_CIPHER_CTX_set_padding(esp->cipher, 0);

- -#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined
(LIBRESSL_VERSION_NUMBER)
        esp->hmac = malloc(sizeof(*esp->hmac));
        esp->pkt_hmac = malloc(sizeof(*esp->pkt_hmac));
        if (!esp->hmac || &esp->pkt_hmac) {

Signed-off-by: Bernard Spil <brnrd at FreeBSD.org>

Hope you'll include this in OpenConnect!

With kind regards,

Bernard Spil.
FreeBSD Ports committer
-----BEGIN PGP SIGNATURE-----

iQIcBAEBAgAGBQJXxszfAAoJEHT7/r+FArC0tiIP/Aim0PuP/tZlXZYfe/o9ylv1
p2h3IkpTrExqQsoxA0HWvP5aJ0mM40sCkaHDcdvDIspI7x45CK/ionBBySs6Me5V
O4Zj/hJh7S+S/036/5Z6EbFDjXayqUFoZHVu3rL8E/ezDmrYqWKz5iIDbOryray9
uM64jUiJBze/aJEeuSIa+pSboTO2PMuvH59yDVN0f1EHU39mAX0HqjE5cRAUM/+Z
yI2wJHFiHjxuszuPcJsKzO88eB9qoAdsrIu/0hbA4+0BkgQa7ODjJIImaHDryXvz
2lV/JtPg4MtT4MAAThAaRvbM73GMJ1HPKGpdH+Jby5tD2KDt2RNsICmRmh5gaeme
YButL7Sn6FylkVV/vO3yp6KTfEMYigqe3Fr+XeTtfueQ20eLpIN2LzIHWLTwHOXb
VpOiwt9s6eeW6ONM353x4kgQ7ekho1wgU8TBzU/oWF6khQIRp+LctEajkvd6cwpx
l0itQo8l9bz3s+jOMHO1anjydqoOoYuTbOxl3SdDzVXC/l2+81YYVHxUiQ/7lCUn
VFtVNtRq4vUZfw9Qg+h6G5RMIJPb1QKAFdpuU7MqOsyHSohoEgBfxp7ojmuvi6y4
c8mNCMJqyMEoWz6XJfHAzjdZ+me+Fbubm6KqCS8oZU1QFXfoa0LSr3WL/L2Tmh2u
u2ETiQs7O8QdTkDPS7I4
=kTFB
-----END PGP SIGNATURE-----
[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux