openwrt-packages/libs/uw-imap/patches/020-deprecated-openssl.patch



--- a/src/osdep/unix/ssl_unix.c
+++ b/src/osdep/unix/ssl_unix.c
@@ -35,6 +35,7 @@
#include <bio.h>
#include <crypto.h>
#include <rand.h>
+#include <rsa.h>
#undef crypt
#define SSLBUFLEN 8192
@@ -90,6 +91,11 @@ static char *start_tls = NIL; /* non-NIL
static int sslonceonly = 0;
+#if OPENSSL_API_COMPAT >= 0x10100000L
+#define SSL_CTX_need_tmp_RSA(ctx) 0
+#define SSL_CTX_set_tmp_rsa_callback(ctx, cb) while(0) (cb)(NULL, 0, 0)
+#endif
+
void ssl_onceonlyinit (void)
{
if (!sslonceonly++) { /* only need to call it once */
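Review bot: The `SSL_CTX_set_tmp_rsa_callback` stub expands to a bare `while(0) (cb)(NULL, 0, 0)` statement, which only works if the call site uses it as a standalone statement; that call site is outside this hunk, so this needs checking. If the goal is only to keep the callback referenced so it does not trigger an unused-function warning, an expression form such as `#define SSL_CTX_set_tmp_rsa_callback(ctx, cb) ((void) (cb))` would be safer and easier to read. The block also deserves a short comment, for example `/* ephemeral RSA keys were removed in OpenSSL 1.1.0; stub out the calls so the existing call site still compiles */`. Note that an undefined `OPENSSL_API_COMPAT` evaluates as 0 in `#if`, so the stubs silently disappear unless the OpenSSL headers or the build define it before this point.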
@@ -114,7 +120,6 @@ void ssl_onceonlyinit (void)
/* apply runtime linkage */
mail_parameters (NIL,SET_SSLDRIVER,(void *) &ssldriver);
mail_parameters (NIL,SET_SSLSTART,(void *) ssl_start);
- SSL_library_init (); /* add all algorithms */
}
}
@@ -220,9 +225,7 @@ static char *ssl_start_work (SSLSTREAM *
(sslclientkey_t) mail_parameters (NIL,GET_SSLCLIENTKEY,NIL);
if (ssl_last_error) fs_give ((void **) &ssl_last_error);
ssl_last_host = host;
- if (!(stream->context = SSL_CTX_new ((flags & NET_TLSCLIENT) ?
- TLSv1_client_method () :
- SSLv23_client_method ())))
+ if (!(stream->context = SSL_CTX_new (TLS_client_method())))
return "SSL context failed";
SSL_CTX_set_options (stream->context,0);
/* disable certificate validation? */
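Review bot: After switching to `TLS_client_method()` nothing in this hunk sets a protocol floor; the next context line still calls `SSL_CTX_set_options (stream->context,0)`, so the lowest version accepted is whatever the linked OpenSSL build allows. The old code pinned TLSv1 for `NET_TLSCLIENT`, so the negotiated version is now a policy decision that should be explicit, for example `SSL_CTX_set_min_proto_version (stream->context,TLS1_2_VERSION);` immediately after the context is created. The same applies to the `TLS_server_method()` change in ssl_server_init in the last hunk; its option setup continues outside that hunk, so check whether a minimum is set there. Also, `TLS_client_method` and `TLS_server_method` exist only from OpenSSL 1.1.0, yet they are used unconditionally while the compatibility stubs earlier in the patch are guarded, so the patch presumably assumes 1.1.0 or later throughout and could say so.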
@@ -695,9 +698,6 @@ void ssl_server_init (char *server)
SSLSTREAM *stream = (SSLSTREAM *) memset (fs_get (sizeof (SSLSTREAM)),0,
sizeof (SSLSTREAM));
ssl_onceonlyinit (); /* make sure algorithms added */
- ERR_load_crypto_strings ();
- SSL_load_error_strings ();
- /* build specific certificate/key file names */
sprintf (cert,"%s/%s-%s.pem",SSL_CERT_DIRECTORY,server,tcp_serveraddr ());
sprintf (key,"%s/%s-%s.pem",SSL_KEY_DIRECTORY,server,tcp_serveraddr ());
/* use non-specific name if no specific cert */
@@ -708,9 +708,7 @@ void ssl_server_init (char *server)
if (stat (key,&sbuf)) strcpy (key,cert);
}
/* create context */
- if (!(stream->context = SSL_CTX_new (start_tls ?
- TLSv1_server_method () :
- SSLv23_server_method ())))
+ if (!(stream->context = SSL_CTX_new (TLS_server_method())))
syslog (LOG_ALERT,"Unable to create SSL context, host=%.80s",
tcp_clienthost ());
else { /* set context options */