diff options
| author | Guido Falsi <madpilot@FreeBSD.org> | 2017-10-11 07:17:14 +0000 |
|---|---|---|
| committer | Guido Falsi <madpilot@FreeBSD.org> | 2017-10-11 07:17:14 +0000 |
| commit | 51ab38e87c3cebb2766fbce1d0a5f777dfcb7d14 (patch) | |
| tree | 6505857a310017622ffed87c06115a177e2f3f4e /net/pjsip | |
| parent | 59c8ed6daa9ca062e9eed759ef3debc6facf5bac (diff) | |
| download | ports-51ab38e87c3cebb2766fbce1d0a5f777dfcb7d14.tar.gz ports-51ab38e87c3cebb2766fbce1d0a5f777dfcb7d14.zip | |
Update pjsip patch to work with libressl after the latest update
to 2.7, which broke it.
PR: 216898
Submitted by: OlivierW <olivierw1+bugzilla-freebsd@hotmail.com>
Notes
Notes:
svn path=/head/; revision=451734
Diffstat (limited to 'net/pjsip')
| -rw-r--r-- | net/pjsip/files/patch-pjlib_src_pj_ssl__sock__ossl.c | 84 |
1 files changed, 77 insertions, 7 deletions
diff --git a/net/pjsip/files/patch-pjlib_src_pj_ssl__sock__ossl.c b/net/pjsip/files/patch-pjlib_src_pj_ssl__sock__ossl.c index 1b4e3229b9aa..742b0fdcad72 100644 --- a/net/pjsip/files/patch-pjlib_src_pj_ssl__sock__ossl.c +++ b/net/pjsip/files/patch-pjlib_src_pj_ssl__sock__ossl.c @@ -1,7 +1,7 @@ ---- pjlib/src/pj/ssl_sock_ossl.c.orig 2017-01-24 05:41:05 UTC +--- pjlib/src/pj/ssl_sock_ossl.c.orig 2017-09-14 05:03:45 UTC +++ pjlib/src/pj/ssl_sock_ossl.c -@@ -54,7 +54,7 @@ - #include <openssl/engine.h> +@@ -53,7 +53,7 @@ + #include <openssl/rand.h> #include <openssl/opensslconf.h> -#if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x1000200fL @@ -9,7 +9,7 @@ # include <openssl/obj_mac.h> -@@ -112,7 +112,7 @@ static unsigned get_nid_from_cid(unsigned cid) +@@ -111,7 +111,7 @@ static unsigned get_nid_from_cid(unsigned cid) #endif @@ -18,7 +18,41 @@ # define OPENSSL_NO_SSL2 /* seems to be removed in 1.1.0 */ # define M_ASN1_STRING_data(x) ASN1_STRING_get0_data(x) # define M_ASN1_STRING_length(x) ASN1_STRING_length(x) -@@ -452,7 +452,7 @@ static pj_status_t init_openssl(void) +@@ -126,7 +126,7 @@ static unsigned get_nid_from_cid(unsigned cid) + + + #ifdef _MSC_VER +-# if OPENSSL_VERSION_NUMBER >= 0x10100000L ++# if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + # pragma comment(lib, "libcrypto") + # pragma comment(lib, "libssl") + # pragma comment(lib, "crypt32") +@@ -535,13 +535,13 @@ static pj_status_t init_openssl(void) + pj_assert(status == PJ_SUCCESS); + + /* Init OpenSSL lib */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + SSL_library_init(); + SSL_load_error_strings(); + #else + OPENSSL_init_ssl(0, NULL); + #endif +-#if OPENSSL_VERSION_NUMBER < 0x009080ffL ++#if OPENSSL_VERSION_NUMBER < 0x009080ffL || defined(LIBRESSL_VERSION_NUMBER) + /* This is now synonym of SSL_library_init() */ + OpenSSL_add_all_algorithms(); + #endif +@@ -556,7 +556,7 @@ static pj_status_t init_openssl(void) + int nid; + const char *cname; + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + meth = (SSL_METHOD*)SSLv23_server_method(); + if (!meth) + meth = (SSL_METHOD*)TLSv1_server_method(); +@@ -599,7 +599,7 @@ static pj_status_t init_openssl(void) SSL_set_session(ssl, SSL_SESSION_new()); @@ -27,7 +61,43 @@ openssl_curves_num = SSL_get_shared_curve(ssl,-1); if (openssl_curves_num > PJ_ARRAY_SIZE(openssl_curves)) openssl_curves_num = PJ_ARRAY_SIZE(openssl_curves); -@@ -1069,7 +1069,7 @@ static pj_status_t set_cipher_list(pj_ssl_sock_t *ssoc +@@ -768,7 +768,7 @@ static pj_status_t create_ssl(pj_ssl_sock_t *ssock) + BIO *bio; + DH *dh; + long options; +-#if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(LIBRESSL_VERSION_NUMBER) + EC_KEY *ecdh; + #endif + SSL_METHOD *ssl_method = NULL; +@@ -791,7 +791,7 @@ static pj_status_t create_ssl(pj_ssl_sock_t *ssock) + ssock->param.proto = PJ_SSL_SOCK_PROTO_SSL23; + + /* Determine SSL method to use */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + switch (ssock->param.proto) { + case PJ_SSL_SOCK_PROTO_TLS1: + ssl_method = (SSL_METHOD*)TLSv1_method(); +@@ -927,7 +927,7 @@ static pj_status_t create_ssl(pj_ssl_sock_t *ssock) + if (dh != NULL) { + if (SSL_CTX_set_tmp_dh(ctx, dh)) { + options = SSL_OP_CIPHER_SERVER_PREFERENCE | +- #if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L ++ #if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(LIBRESSL_VERSION_NUMBER) + SSL_OP_SINGLE_ECDH_USE | + #endif + SSL_OP_SINGLE_DH_USE; +@@ -995,7 +995,7 @@ static pj_status_t create_ssl(pj_ssl_sock_t *ssock) + if (SSL_CTX_ctrl(ctx, SSL_CTRL_SET_ECDH_AUTO, 1, NULL)) { + PJ_LOG(4,(ssock->pool->obj_name, "SSL ECDH initialized " + "(automatic), faster PFS ciphers enabled")); +- #if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L ++ #if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(LIBRESSL_VERSION_NUMBER) + } else { + /* enables AES-128 ciphers, to get AES-256 use NID_secp384r1 */ + ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); +@@ -1228,7 +1228,7 @@ static pj_status_t set_cipher_list(pj_ssl_sock_t *ssoc static pj_status_t set_curves_list(pj_ssl_sock_t *ssock) { @@ -36,7 +106,7 @@ int ret; int curves[PJ_SSL_SOCK_MAX_CURVES]; unsigned cnt; -@@ -1100,7 +1100,7 @@ static pj_status_t set_curves_list(pj_ssl_sock_t *ssoc +@@ -1259,7 +1259,7 @@ static pj_status_t set_curves_list(pj_ssl_sock_t *ssoc static pj_status_t set_sigalgs(pj_ssl_sock_t *ssock) { |