Last active
March 24, 2018 15:33
-
-
Save woohooyeah/7b3adc482ffd1c0c0d2277b430e96d90 to your computer and use it in GitHub Desktop.
a patch for OpenVPN 2.4.5 to prevent errors when compiling with LibreSSL 2.6.4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/configure.ac b/configure.ac | |
| index 88d1e09..7db5c79 100644 | |
| --- a/configure.ac | |
| +++ b/configure.ac | |
| @@ -935,6 +935,18 @@ if test "${enable_crypto}" = "yes" -a "${with_crypto_library}" = "openssl"; then | |
| EC_GROUP_order_bits | |
| ] | |
| ) | |
| + AC_CHECK_DECL( | |
| + [ | |
| + SSL_CTX_get_min_proto_version, | |
| + SSL_CTX_get_max_proto_version, | |
| + SSL_CTX_set_min_proto_version, | |
| + SSL_CTX_set_max_proto_version, | |
| + ], | |
| + , | |
| + , | |
| + [[#include <openssl/ssl.h>]] | |
| + | |
| + ) | |
| CFLAGS="${saved_CFLAGS}" | |
| LIBS="${saved_LIBS}" | |
| diff --git a/src/openvpn/openssl_compat.h b/src/openvpn/openssl_compat.h | |
| index d375fab..340d452 100644 | |
| --- a/src/openvpn/openssl_compat.h | |
| +++ b/src/openvpn/openssl_compat.h | |
| @@ -661,7 +661,7 @@ EC_GROUP_order_bits(const EC_GROUP *group) | |
| #define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT | |
| #endif | |
| -#ifndef SSL_CTX_get_min_proto_version | |
| +#if !HAVE_DECL_SSL_CTX_GET_MIN_PROTO_VERSION | |
| /** Return the min SSL protocol version currently enabled in the context. | |
| * If no valid version >= TLS1.0 is found, return 0. */ | |
| static inline int | |
| @@ -684,7 +684,7 @@ SSL_CTX_get_min_proto_version(SSL_CTX *ctx) | |
| } | |
| #endif /* SSL_CTX_get_min_proto_version */ | |
| -#ifndef SSL_CTX_get_max_proto_version | |
| +#if !HAVE_DECL_SSL_CTX_GET_MAX_PROTO_VERSION | |
| /** Return the max SSL protocol version currently enabled in the context. | |
| * If no valid version >= TLS1.0 is found, return 0. */ | |
| static inline int | |
| @@ -707,7 +707,7 @@ SSL_CTX_get_max_proto_version(SSL_CTX *ctx) | |
| } | |
| #endif /* SSL_CTX_get_max_proto_version */ | |
| -#ifndef SSL_CTX_set_min_proto_version | |
| +#if !HAVE_DECL_SSL_CTX_SET_MIN_PROTO_VERSION | |
| /** Mimics SSL_CTX_set_min_proto_version for OpenSSL < 1.1 */ | |
| static inline int | |
| SSL_CTX_set_min_proto_version(SSL_CTX *ctx, long tls_ver_min) | |
| @@ -736,7 +736,7 @@ SSL_CTX_set_min_proto_version(SSL_CTX *ctx, long tls_ver_min) | |
| } | |
| #endif /* SSL_CTX_set_min_proto_version */ | |
| -#ifndef SSL_CTX_set_max_proto_version | |
| +#if !HAVE_DECL_SSL_CTX_SET_MAX_PROTO_VERSION | |
| /** Mimics SSL_CTX_set_max_proto_version for OpenSSL < 1.1 */ | |
| static inline int | |
| SSL_CTX_set_max_proto_version(SSL_CTX *ctx, long tls_ver_max) |
Only works when autoconf is actually called (so it doesn't work for openvpn-build)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Source here, I altered it to work with OpenVPN 2.4.5