net/vsftpd/patches/010-openssl-deprecated.patch

   1 From 0ea55455703eb69d7617968424e4bede59f39b83 Mon Sep 17 00:00:00 2001
   2 From: Rosen Penev <rosenp@gmail.com>
   3 Date: Fri, 23 Nov 2018 18:03:32 -0800
   4 Subject: [PATCH] ssl: Fix compile without Deprecated APIs and no ECC support
   5
   6 Signed-off-by: Rosen Penev <rosenp@gmail.com>
   7 ---
   8  ssl.c | 11 +++++++++++
   9  1 file changed, 11 insertions(+)
  10
  11 --- a/ssl.c
  12 +++ b/ssl.c
  13 @@ -28,6 +28,9 @@
  14  #include <openssl/err.h>
  15  #include <openssl/rand.h>
  16  #include <openssl/bio.h>
  17 +#ifndef OPENSSL_NO_EC
  18 +#include <openssl/ec.h>
  19 +#endif
  20  #include <errno.h>
  21  #include <limits.h>
  22
  23 @@ -59,8 +62,12 @@ ssl_init(struct vsf_session* p_sess)
  24      SSL_CTX* p_ctx;
  25      long options;
  26      int verify_option = 0;
  27 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  28      SSL_library_init();
  29      p_ctx = SSL_CTX_new(SSLv23_server_method());
  30 +#else
  31 +    p_ctx = SSL_CTX_new(TLS_server_method());
  32 +#endif
  33      if (p_ctx == NULL)
  34      {
  35        die("SSL: could not allocate SSL context");
  36 @@ -120,6 +127,7 @@ ssl_init(struct vsf_session* p_sess)
  37      {
  38        die("SSL: RNG is not seeded");
  39      }
  40 +#ifndef OPENSSL_NO_EC
  41      {
  42        EC_KEY* key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
  43        if (key == NULL)
  44 @@ -129,6 +137,7 @@ ssl_init(struct vsf_session* p_sess)
  45        SSL_CTX_set_tmp_ecdh(p_ctx, key);
  46        EC_KEY_free(key);
  47      }
  48 +#endif
  49      if (tunable_ssl_request_cert)
  50      {
  51        verify_option |= SSL_VERIFY_PEER;
  52 @@ -660,7 +669,9 @@ ssl_cert_digest(SSL* p_ssl, struct vsf_s
  53  static char*
  54  get_ssl_error()
  55  {
  56 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  57    SSL_load_error_strings();
  58 +#endif
  59    return ERR_error_string(ERR_get_error(), NULL);
  60  }
  61