From b80c554aad23f0107b25709ce30bb6506b62d0ea Mon Sep 17 00:00:00 2001 From: Waldemar Brodkorb Date: Mon, 7 Oct 2019 21:07:21 +0200 Subject: openvpn: update to 2.4.7 --- .../patches/patch-src_openvpn_ssl_openssl_c | 29 ++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 package/openvpn/patches/patch-src_openvpn_ssl_openssl_c (limited to 'package/openvpn/patches/patch-src_openvpn_ssl_openssl_c') diff --git a/package/openvpn/patches/patch-src_openvpn_ssl_openssl_c b/package/openvpn/patches/patch-src_openvpn_ssl_openssl_c new file mode 100644 index 000000000..efcbc2600 --- /dev/null +++ b/package/openvpn/patches/patch-src_openvpn_ssl_openssl_c @@ -0,0 +1,29 @@ +--- openvpn-2.4.7.orig/src/openvpn/ssl_openssl.c 2019-02-20 13:28:23.000000000 +0100 ++++ openvpn-2.4.7/src/openvpn/ssl_openssl.c 2019-10-07 21:44:52.473323073 +0200 +@@ -459,7 +459,7 @@ tls_ctx_restrict_ciphers_tls13(struct tl + return; + } + +-#if (OPENSSL_VERSION_NUMBER < 0x1010100fL) ++#if (OPENSSL_VERSION_NUMBER < 0x1010100fL) || defined(LIBRESSL_VERSION_NUMBER) + crypto_msg(M_WARN, "Not compiled with OpenSSL 1.1.1 or higher. " + "Ignoring TLS 1.3 only tls-ciphersuites '%s' setting.", + ciphers); +@@ -1846,7 +1846,7 @@ show_available_tls_ciphers_list(const ch + crypto_msg(M_FATAL, "Cannot create SSL_CTX object"); + } + +-#if (OPENSSL_VERSION_NUMBER >= 0x1010100fL) ++#if (OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER)) + if (tls13) + { + SSL_CTX_set_min_proto_version(tls_ctx.ctx, TLS1_3_VERSION); +@@ -1867,7 +1867,7 @@ show_available_tls_ciphers_list(const ch + crypto_msg(M_FATAL, "Cannot create SSL object"); + } + +-#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) ++#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) || defined(LIBRESSL_VERSION_NUMBER) + STACK_OF(SSL_CIPHER) *sk = SSL_get_ciphers(ssl); + #else + STACK_OF(SSL_CIPHER) *sk = SSL_get1_supported_ciphers(ssl); -- cgit v1.2.3