X-Git-Url: http://git.openwrt.org/?p=openwrt%2Fstaging%2Fchunkeey.git;a=blobdiff_plain;f=tools%2Fmkimage%2Fpatches%2F200-rsa-sign-add-support-for-libressl.patch;fp=tools%2Fmkimage%2Fpatches%2F200-rsa-sign-add-support-for-libressl.patch;h=29058e22b71eacae71c77bffd774db335c473f39;hp=0000000000000000000000000000000000000000;hb=b13e981d72c14ba4c39f85f0d24a8f7947a1b2c4;hpb=68150d3125447a40cf103aeefd9bcb6c874e6769

diff --git a/tools/mkimage/patches/200-rsa-sign-add-support-for-libressl.patch b/tools/mkimage/patches/200-rsa-sign-add-support-for-libressl.patch
new file mode 100644
index 0000000000..29058e22b7
--- /dev/null
+++ b/tools/mkimage/patches/200-rsa-sign-add-support-for-libressl.patch
@@ -0,0 +1,68 @@
+From 69176c8602e29f4bd30457240374800d88dc39ed Mon Sep 17 00:00:00 2001
+From: Hauke Mehrtens <hauke@hauke-m.de>
+Date: Sat, 14 Apr 2018 22:39:34 +0200
+Subject: [PATCH] rsa-sign: add support for libressl
+
+---
+ lib/rsa/rsa-sign.c | 15 +++++++++------
+ 1 file changed, 9 insertions(+), 6 deletions(-)
+
+--- a/lib/rsa/rsa-sign.c
++++ b/lib/rsa/rsa-sign.c
+@@ -21,7 +21,8 @@
+ #define HAVE_ERR_REMOVE_THREAD_STATE
+ #endif
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
++    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
+ static void RSA_get0_key(const RSA *r,
+                  const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
+ {
+@@ -300,7 +301,8 @@ static int rsa_init(void)
+ {
+ 	int ret;
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
++    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
+ 	ret = SSL_library_init();
+ #else
+ 	ret = OPENSSL_init_ssl(0, NULL);
+@@ -309,7 +311,7 @@ static int rsa_init(void)
+ 		fprintf(stderr, "Failure to init SSL library\n");
+ 		return -1;
+ 	}
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 	SSL_load_error_strings();
+ 
+ 	OpenSSL_add_all_algorithms();
+@@ -355,7 +357,7 @@ err_set_rsa:
+ err_engine_init:
+ 	ENGINE_free(e);
+ err_engine_by_id:
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L ||  defined(LIBRESSL_VERSION_NUMBER)
+ 	ENGINE_cleanup();
+ #endif
+ 	return ret;
+@@ -363,7 +365,7 @@ err_engine_by_id:
+ 
+ static void rsa_remove(void)
+ {
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 	CRYPTO_cleanup_all_ex_data();
+ 	ERR_free_strings();
+ #ifdef HAVE_ERR_REMOVE_THREAD_STATE
+@@ -433,7 +435,8 @@ static int rsa_sign_with_key(RSA *rsa, s
+ 		ret = rsa_err("Could not obtain signature");
+ 		goto err_sign;
+ 	}
+-	#if OPENSSL_VERSION_NUMBER < 0x10100000L
++	#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
++	    defined(LIBRESSL_VERSION_NUMBER)
+ 		EVP_MD_CTX_cleanup(context);
+ 	#else
+ 		EVP_MD_CTX_reset(context);