From: Vadim Kochan <vadim4j@gmail.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 1/1] package/libshout: Add support for openssl 1.1.x
Date: Fri, 18 Jan 2019 02:10:59 +0200 [thread overview]
Message-ID: <20190118001059.6045-1-vadim4j@gmail.com> (raw)
Added patch from Debian:
https://sources.debian.org/data/main/libs/libshout/2.4.1-2/debian/patches/01-libshout-tls-compile-with-OpenSSL-1.1.0.patch
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
---
...3-libshout-tls-compile-with-OpenSSL-1.1.0.patch | 58 ++++++++++++++++++++++
1 file changed, 58 insertions(+)
create mode 100644 package/libshout/0003-libshout-tls-compile-with-OpenSSL-1.1.0.patch
diff --git a/package/libshout/0003-libshout-tls-compile-with-OpenSSL-1.1.0.patch b/package/libshout/0003-libshout-tls-compile-with-OpenSSL-1.1.0.patch
new file mode 100644
index 0000000000..befd16e384
--- /dev/null
+++ b/package/libshout/0003-libshout-tls-compile-with-OpenSSL-1.1.0.patch
@@ -0,0 +1,58 @@
+From 01fafc449f0de56743d08e7976933c49e2915bfa Mon Sep 17 00:00:00 2001
+From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
+Date: Wed, 15 Nov 2017 12:46:25 +0000
+Subject: [PATCH] tls: compile with OpenSSL 1.1.0
+
+The init functions are not longer required in OpenSSL 1.1 so I dropped
+them.
+
+TLSv1_client_method() should not be used because it enables only the
+TLSv1.0 protocol. Better is to use SSLv23_client_method() which enable
+all the protocols including TLSv1.2. With this functions SSLv2 and SSLv3
+is theoretically possible but as of today those protocols are usually
+build-time disabled.
+To avoid all this OpenSSL 1.1 provides TLS_client_method() which is aim
+to provide to highest TLS protocol version (same as
+SSLv23_client_method() but it is deprecated in 1.1).
+
+Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
+---
+ src/tls.c | 12 ++++++++----
+ 1 file changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/src/tls.c b/src/tls.c
+index 4562c7327077..e0e5c1a5f079 100644
+--- a/src/tls.c
++++ b/src/tls.c
+@@ -24,6 +24,7 @@
+ #endif
+
+ #include <shout/shout.h>
++#include <string.h>
+ #include "shout_private.h"
+
+ #ifndef XXX_HAVE_X509_check_host
+@@ -61,14 +62,17 @@ shout_tls_t *shout_tls_new(shout_t *self, sock_t socket)
+
+ static inline int tls_setup(shout_tls_t *tls)
+ {
+- SSL_METHOD *meth;
+-
++ const SSL_METHOD *meth;
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
+ SSL_library_init();
+ SSL_load_error_strings();
+ SSLeay_add_all_algorithms();
+- SSLeay_add_ssl_algorithms();
++ SSLeay_add_ssl_algorithms();
+
+- meth = TLSv1_client_method();
++ meth = SSLv23_client_method();
++#else
++ meth = TLS_client_method();
++#endif
+ if (!meth)
+ goto error;
+
+--
+2.15.0
--
2.14.1
next reply other threads:[~2019-01-18 0:10 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-18 0:10 Vadim Kochan [this message]
2019-01-22 11:53 ` [Buildroot] [PATCH 1/1] package/libshout: Add support for openssl 1.1.x Arnout Vandecappelle
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190118001059.6045-1-vadim4j@gmail.com \
--to=vadim4j@gmail.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox