diff options
author | Olli Hauer <ohauer@FreeBSD.org> | 2016-09-02 17:21:28 +0000 |
---|---|---|
committer | Olli Hauer <ohauer@FreeBSD.org> | 2016-09-02 17:21:28 +0000 |
commit | 90be07c84d0686089307f10a7fed1eed7980f35f (patch) | |
tree | e5119abe12da88e8567702ea3f23c2c4f9c616e4 /security | |
parent | a08371a4c3586c2fbd1659f4ba29dc122ad77d6b (diff) | |
download | ports-90be07c84d0686089307f10a7fed1eed7980f35f.tar.gz ports-90be07c84d0686089307f10a7fed1eed7980f35f.zip |
Notes
Diffstat (limited to 'security')
-rw-r--r-- | security/nmap/files/patch-ncat_ncat__ssl.c | 29 | ||||
-rw-r--r-- | security/nmap/files/patch-ncat_test_test-wildcard.c | 11 | ||||
-rw-r--r-- | security/nmap/files/patch-nping_Crypto.cc | 38 | ||||
-rw-r--r-- | security/nmap/files/patch-nse__openssl.cc | 47 | ||||
-rw-r--r-- | security/nmap/files/patch-nse__ssl__cert.cc | 29 |
5 files changed, 154 insertions, 0 deletions
diff --git a/security/nmap/files/patch-ncat_ncat__ssl.c b/security/nmap/files/patch-ncat_ncat__ssl.c new file mode 100644 index 000000000000..db7b5f4366e3 --- /dev/null +++ b/security/nmap/files/patch-ncat_ncat__ssl.c @@ -0,0 +1,29 @@ +--- ncat/ncat_ssl.c.orig 2016-08-01 09:34:56 UTC ++++ ncat/ncat_ssl.c +@@ -315,7 +315,7 @@ static int cert_match_dnsname(X509 *cert + + /* We must copy this address into a temporary variable because ASN1_item_d2i + increments it. We don't want it to corrupt ext->value->data. */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + data = ext->value->data; + #else + ASN1_OCTET_STRING* asn1_str = X509_EXTENSION_get_data(ext); +@@ -328,7 +328,7 @@ static int cert_match_dnsname(X509 *cert + presence of null bytes. */ + #if (OPENSSL_VERSION_NUMBER > 0x00907000L) + if (method->it != NULL) { +- #if OPENSSL_VERSION_NUMBER < 0x10100000L ++ #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + gen_names = (STACK_OF(GENERAL_NAME) *) ASN1_item_d2i(NULL, + (const unsigned char **) &data, + ext->value->length, ASN1_ITEM_ptr(method->it)); +@@ -339,7 +339,7 @@ static int cert_match_dnsname(X509 *cert + asn1_str_a->length, ASN1_ITEM_ptr(method->it)); + #endif + } else { +- #if OPENSSL_VERSION_NUMBER < 0x10100000L ++ #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + gen_names = (STACK_OF(GENERAL_NAME) *) method->d2i(NULL, + (const unsigned char **) &data, + ext->value->length); diff --git a/security/nmap/files/patch-ncat_test_test-wildcard.c b/security/nmap/files/patch-ncat_test_test-wildcard.c new file mode 100644 index 000000000000..517575df7d7a --- /dev/null +++ b/security/nmap/files/patch-ncat_test_test-wildcard.c @@ -0,0 +1,11 @@ +--- ncat/test/test-wildcard.c.orig 2016-08-01 09:34:56 UTC ++++ ncat/test/test-wildcard.c +@@ -253,7 +253,7 @@ static int set_dNSNames(X509 *cert, cons + if (gen_name == NULL) + goto stack_err; + gen_name->type = GEN_DNS; +- #if OPENSSL_VERSION_NUMBER < 0x10100000L ++ #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + gen_name->d.dNSName = M_ASN1_IA5STRING_new(); + #else + gen_name->d.dNSName = ASN1_IA5STRING_new(); diff --git a/security/nmap/files/patch-nping_Crypto.cc b/security/nmap/files/patch-nping_Crypto.cc new file mode 100644 index 000000000000..1094a929eb16 --- /dev/null +++ b/security/nmap/files/patch-nping_Crypto.cc @@ -0,0 +1,38 @@ +--- nping/Crypto.cc.orig 2016-08-01 09:34:56 UTC ++++ nping/Crypto.cc +@@ -178,7 +178,7 @@ int Crypto::aes128_cbc_encrypt(u8 *inbuf + #ifdef HAVE_OPENSSL + if( o.doCrypto() ){ + int flen=0, flen2=0; +- #if OPENSSL_VERSION_NUMBER < 0x10100000L ++ #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX_init(&ctx); + EVP_CIPHER_CTX_set_padding(&ctx, 0); +@@ -231,7 +231,7 @@ int Crypto::aes128_cbc_decrypt(u8 *inbuf + #ifdef HAVE_OPENSSL + if( o.doCrypto() ){ + int flen1=0, flen2=0; +- #if OPENSSL_VERSION_NUMBER < 0x10100000L ++ #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX_init(&ctx); + EVP_CIPHER_CTX_set_padding(&ctx, 0); +@@ -286,7 +286,7 @@ int Crypto::aes128_cbc_decrypt(u8 *inbuf + //ERR_free_strings(); + //ERR_pop_to_mark(); + } +- #if OPENSSL_VERSION_NUMBER < 0x10100000L ++ #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX_cleanup(&ctx); + #else + EVP_CIPHER_CTX_reset(ctx); +@@ -327,7 +327,7 @@ u8 *Crypto::deriveKey(const u8 *from, si + static u8 hash[MAX(SHA256_HASH_LEN, EVP_MAX_MD_SIZE)]; + static u8 next[MAX(SHA256_HASH_LEN, EVP_MAX_MD_SIZE)]; + unsigned int lastlen; +- #if OPENSSL_VERSION_NUMBER < 0x10100000L ++ #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_MD_CTX ctx; + EVP_MD_CTX_init(&ctx); + diff --git a/security/nmap/files/patch-nse__openssl.cc b/security/nmap/files/patch-nse__openssl.cc new file mode 100644 index 000000000000..b652b7f38a94 --- /dev/null +++ b/security/nmap/files/patch-nse__openssl.cc @@ -0,0 +1,47 @@ +--- nse_openssl.cc.orig 2016-08-01 09:34:56 UTC ++++ nse_openssl.cc +@@ -281,7 +281,7 @@ static int l_digest(lua_State *L) /* + const unsigned char *msg = (unsigned char *) luaL_checklstring( L, 2, &msg_len ); + unsigned char digest[EVP_MAX_MD_SIZE]; + const EVP_MD * evp_md; +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_MD_CTX mdctx; + #else + EVP_MD_CTX *mdctx = EVP_MD_CTX_new(); +@@ -291,7 +291,7 @@ static int l_digest(lua_State *L) /* + + if (!evp_md) return luaL_error( L, "Unknown digest algorithm: %s", algorithm ); + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_MD_CTX_init(&mdctx); + if (!( + EVP_DigestInit_ex( &mdctx, evp_md, NULL ) && +@@ -394,7 +394,7 @@ static int l_encrypt(lua_State *L) /** e + if (iv[0] == '\0') + iv = NULL; + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX cipher_ctx; + EVP_CIPHER_CTX_init( &cipher_ctx ); + +@@ -496,7 +496,7 @@ static int l_decrypt(lua_State *L) /** d + if (iv[0] == '\0') + iv = NULL; + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX cipher_ctx; + EVP_CIPHER_CTX_init( &cipher_ctx ); + +@@ -684,7 +684,7 @@ static const struct luaL_Reg openssllib[ + LUALIB_API int luaopen_openssl(lua_State *L) { + + OpenSSL_add_all_algorithms(); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + ERR_load_crypto_strings(); + #else + /* This is now deprecated in OpenSSL 1.1.0 _ No explicit initialisation diff --git a/security/nmap/files/patch-nse__ssl__cert.cc b/security/nmap/files/patch-nse__ssl__cert.cc new file mode 100644 index 000000000000..97c43d3ccb23 --- /dev/null +++ b/security/nmap/files/patch-nse__ssl__cert.cc @@ -0,0 +1,29 @@ +--- nse_ssl_cert.cc.orig 2016-08-30 16:07:08 UTC ++++ nse_ssl_cert.cc +@@ -528,7 +528,7 @@ static int parse_ssl_cert(lua_State *L, + lua_setfield(L, -2, "subject"); + } + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + const char *sig_algo = OBJ_nid2ln(OBJ_obj2nid(cert->sig_alg->algorithm)); + #else + const char *sig_algo = OBJ_nid2ln(X509_get_signature_nid(cert)); +@@ -555,7 +555,7 @@ static int parse_ssl_cert(lua_State *L, + return 2; + } + lua_newtable(L); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + pkey_type = EVP_PKEY_type(pubkey->type); + #else + pkey_type = EVP_PKEY_base_id(pubkey); +@@ -572,7 +572,7 @@ static int parse_ssl_cert(lua_State *L, + bignum_data_t * data = (bignum_data_t *) lua_newuserdata( L, sizeof(bignum_data_t)); + luaL_getmetatable( L, "BIGNUM" ); + lua_setmetatable( L, -2 ); +- #if OPENSSL_VERSION_NUMBER < 0x10100000L ++ #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + data->bn = rsa->e; + #elif OPENSSL_VERSION_NUMBER < 0x10100006L + BIGNUM *n, *e, *d; |