summaryrefslogtreecommitdiff
path: root/package/curl/patches/patch-lib_vtls_openssl_c
diff options
context:
space:
mode:
Diffstat (limited to 'package/curl/patches/patch-lib_vtls_openssl_c')
-rw-r--r--package/curl/patches/patch-lib_vtls_openssl_c52
1 files changed, 52 insertions, 0 deletions
diff --git a/package/curl/patches/patch-lib_vtls_openssl_c b/package/curl/patches/patch-lib_vtls_openssl_c
new file mode 100644
index 000000000..1182df47d
--- /dev/null
+++ b/package/curl/patches/patch-lib_vtls_openssl_c
@@ -0,0 +1,52 @@
+--- curl-7.59.0.orig/lib/vtls/openssl.c 2018-03-12 08:18:59.000000000 +0100
++++ curl-7.59.0/lib/vtls/openssl.c 2018-04-10 03:38:32.766247842 +0100
+@@ -104,7 +104,8 @@
+ #endif
+
+ #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && /* OpenSSL 1.1.0+ */ \
+- !defined(LIBRESSL_VERSION_NUMBER)
++ !(defined(LIBRESSL_VERSION_NUMBER) && \
++ LIBRESSL_VERSION_NUMBER < 0x20700000L)
+ #define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
+ #define HAVE_X509_GET0_EXTENSIONS 1 /* added in 1.1.0 -pre1 */
+ #define HAVE_OPAQUE_EVP_PKEY 1 /* since 1.1.0 -pre3 */
+@@ -128,7 +129,8 @@ static unsigned long OpenSSL_version_num
+ #endif
+
+ #if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) && /* 1.0.2 or later */ \
+- !defined(LIBRESSL_VERSION_NUMBER)
++ !(defined(LIBRESSL_VERSION_NUMBER) && \
++ LIBRESSL_VERSION_NUMBER < 0x20700000L)
+ #define HAVE_X509_GET0_SIGNATURE 1
+ #endif
+
+@@ -147,7 +149,7 @@ static unsigned long OpenSSL_version_num
+ * Whether SSL_CTX_set_keylog_callback is available.
+ * OpenSSL: supported since 1.1.1 https://github.com/openssl/openssl/pull/2287
+ * BoringSSL: supported since d28f59c27bac (committed 2015-11-19)
+- * LibreSSL: unsupported in at least 2.5.1 (explicitly check for it since it
++ * LibreSSL: unsupported in at least 2.7.2 (explicitly check for it since it
+ * lies and pretends to be OpenSSL 2.0.0).
+ */
+ #if (OPENSSL_VERSION_NUMBER >= 0x10101000L && \
+@@ -259,7 +261,9 @@ static void tap_ssl_key(const SSL *ssl,
+ if(!session || !keylog_file_fp)
+ return;
+
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
++ !(defined(LIBRESSL_VERSION_NUMBER) && \
++ LIBRESSL_VERSION_NUMBER < 0x20700000L)
+ /* ssl->s3 is not checked in openssl 1.1.0-pre6, but let's assume that
+ * we have a valid SSL context if we have a non-NULL session. */
+ SSL_get_client_random(ssl, client_random, SSL3_RANDOM_SIZE);
+@@ -2082,8 +2086,7 @@ static CURLcode ossl_connect_step1(struc
+ case CURL_SSLVERSION_TLSv1_2:
+ case CURL_SSLVERSION_TLSv1_3:
+ /* it will be handled later with the context options */
+-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
+- !defined(LIBRESSL_VERSION_NUMBER)
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+ req_method = TLS_client_method();
+ #else
+ req_method = SSLv23_client_method();
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-19 21:41:00 +0000