pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/www/cherokee Adopt OpenSSL 1.1 interfaces.
details: https://anonhg.NetBSD.org/pkgsrc/rev/0e22ad2ff25c
branches: trunk
changeset: 427370:0e22ad2ff25c
user: joerg <joerg%pkgsrc.org@localhost>
date: Wed Apr 15 22:38:18 2020 +0000
description:
Adopt OpenSSL 1.1 interfaces.
diffstat:
www/cherokee/distinfo | 7 +-
www/cherokee/patches/patch-cherokee_cryptor__libssl.c | 37 ++++++++++
www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__1024.c | 20 +++++
www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__2048.c | 20 +++++
www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__4096.c | 20 +++++
www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__512.c | 20 +++++
6 files changed, 123 insertions(+), 1 deletions(-)
diffs (155 lines):
diff -r 342607a556c4 -r 0e22ad2ff25c www/cherokee/distinfo
--- a/www/cherokee/distinfo Wed Apr 15 22:37:54 2020 +0000
+++ b/www/cherokee/distinfo Wed Apr 15 22:38:18 2020 +0000
@@ -1,8 +1,13 @@
-$NetBSD: distinfo,v 1.7 2015/11/04 02:46:51 agc Exp $
+$NetBSD: distinfo,v 1.8 2020/04/15 22:38:18 joerg Exp $
SHA1 (cherokee-1.2.101.tar.gz) = b27f149c7d7111207ac8c3cd8a4856c05490d136
RMD160 (cherokee-1.2.101.tar.gz) = dd3dedc352ba17bdcefd8e200143b8ffa19ad035
SHA512 (cherokee-1.2.101.tar.gz) = a2c513cadcc0d43def2199d38c5248eb7dae4d100ea019d3d705e46741df6c0a8f9a164668eb3983d6bdfebdb1e28d29dc8e6bf7f6858c600307067e083e1098
Size (cherokee-1.2.101.tar.gz) = 6320209 bytes
SHA1 (patch-cherokee_common-internal.h) = 730b67aa0cdf4990686e9529cec3a7fc1ddd90a5
+SHA1 (patch-cherokee_cryptor__libssl.c) = 86fba9edc122ba28bc38b1688013fa68192665bd
+SHA1 (patch-cherokee_cryptor__libssl__dh__1024.c) = 331bf1bb18ec78f8ddb2e5e2ef18a48cf66b624a
+SHA1 (patch-cherokee_cryptor__libssl__dh__2048.c) = 46541cfd1ab8dfcc14a14aa3240d2047dd044aaa
+SHA1 (patch-cherokee_cryptor__libssl__dh__4096.c) = 8aa7c90d05fcefba59243a8b9671fca3f74f73d3
+SHA1 (patch-cherokee_cryptor__libssl__dh__512.c) = 8c0c43942b7fa2485e241f376c9d542cb9b506b9
SHA1 (patch-configure) = 58a25088320863dd00f4c7d4f050e1c163dbe6f3
diff -r 342607a556c4 -r 0e22ad2ff25c www/cherokee/patches/patch-cherokee_cryptor__libssl.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/www/cherokee/patches/patch-cherokee_cryptor__libssl.c Wed Apr 15 22:38:18 2020 +0000
@@ -0,0 +1,37 @@
+$NetBSD: patch-cherokee_cryptor__libssl.c,v 1.1 2020/04/15 22:38:19 joerg Exp $
+
+Use OpenSSL 1.1 interface. Drop renegotation option, it doesn't exist in
+TLS 1.1 and newer.
+
+--- cherokee/cryptor_libssl.c.orig 2020-04-13 20:05:38.835019312 +0000
++++ cherokee/cryptor_libssl.c
+@@ -238,13 +238,13 @@ cherokee_cryptor_libssl_find_vserver (SS
+ /* SSL_set_SSL_CTX() only change certificates. We need to
+ * changes more options by hand.
+ */
+- SSL_set_options(ssl, SSL_CTX_get_options(ssl->ctx));
++ SSL_set_options(ssl, SSL_CTX_get_options(SSL_get_SSL_CTX(ssl)));
+
+ if ((SSL_get_verify_mode(ssl) == SSL_VERIFY_NONE) ||
+ (SSL_num_renegotiations(ssl) == 0)) {
+
+- SSL_set_verify(ssl, SSL_CTX_get_verify_mode(ssl->ctx),
+- SSL_CTX_get_verify_callback(ssl->ctx));
++ SSL_set_verify(ssl, SSL_CTX_get_verify_mode(SSL_get_SSL_CTX(ssl)),
++ SSL_CTX_get_verify_callback(SSL_get_SSL_CTX(ssl)));
+ }
+
+ return ret_ok;
+@@ -672,12 +672,6 @@ _socket_init_tls (cherokee_cryptor_socke
+ }
+ #endif
+
+- /* Disable Ciphers renegotiation (CVE-2009-3555)
+- */
+- if (cryp->session->s3) {
+- cryp->session->s3->flags |= SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS;
+- }
+-
+ return ret_ok;
+ }
+
diff -r 342607a556c4 -r 0e22ad2ff25c www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__1024.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__1024.c Wed Apr 15 22:38:18 2020 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-cherokee_cryptor__libssl__dh__1024.c,v 1.1 2020/04/15 22:38:19 joerg Exp $
+
+Use OpenSSL 1.1 interface.
+
+--- cherokee/cryptor_libssl_dh_1024.c.orig 2020-04-13 20:11:32.162747627 +0000
++++ cherokee/cryptor_libssl_dh_1024.c
+@@ -23,9 +23,10 @@ static DH *get_dh1024()
+ DH *dh;
+
+ if ((dh=DH_new()) == NULL) return(NULL);
+- dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
+- dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
+- if ((dh->p == NULL) || (dh->g == NULL))
++ BIGNUM *p = BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
++ BIGNUM *g = BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
++ DH_set0_pqg(dh, p, NULL, g);
++ if (p == NULL || g == NULL)
+ { DH_free(dh); return(NULL); }
+ return(dh);
+ }
diff -r 342607a556c4 -r 0e22ad2ff25c www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__2048.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__2048.c Wed Apr 15 22:38:18 2020 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-cherokee_cryptor__libssl__dh__2048.c,v 1.1 2020/04/15 22:38:19 joerg Exp $
+
+Use OpenSSL 1.1 interface.
+
+--- cherokee/cryptor_libssl_dh_2048.c.orig 2020-04-13 20:11:21.574212142 +0000
++++ cherokee/cryptor_libssl_dh_2048.c
+@@ -34,9 +34,10 @@ static DH *get_dh2048()
+ DH *dh;
+
+ if ((dh=DH_new()) == NULL) return(NULL);
+- dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
+- dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
+- if ((dh->p == NULL) || (dh->g == NULL))
++ BIGNUM *p = BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
++ BIGNUM *g = BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
++ DH_set0_pqg(dh, p, NULL, g);
++ if (p == NULL || g == NULL)
+ { DH_free(dh); return(NULL); }
+ return(dh);
+ }
diff -r 342607a556c4 -r 0e22ad2ff25c www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__4096.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__4096.c Wed Apr 15 22:38:18 2020 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-cherokee_cryptor__libssl__dh__4096.c,v 1.1 2020/04/15 22:38:19 joerg Exp $
+
+Use OpenSSL 1.1 interface.
+
+--- cherokee/cryptor_libssl_dh_4096.c.orig 2020-04-13 20:07:50.092112602 +0000
++++ cherokee/cryptor_libssl_dh_4096.c
+@@ -55,9 +55,10 @@ static DH *get_dh4096()
+ DH *dh;
+
+ if ((dh=DH_new()) == NULL) return(NULL);
+- dh->p=BN_bin2bn(dh4096_p,sizeof(dh4096_p),NULL);
+- dh->g=BN_bin2bn(dh4096_g,sizeof(dh4096_g),NULL);
+- if ((dh->p == NULL) || (dh->g == NULL))
++ BIGNUM *p = BN_bin2bn(dh4096_p,sizeof(dh4096_p),NULL);
++ BIGNUM *g = BN_bin2bn(dh4096_g,sizeof(dh4096_g),NULL);
++ DH_set0_pqg(dh, p, NULL, g);
++ if (p == NULL || g == NULL)
+ { DH_free(dh); return(NULL); }
+ return(dh);
+ }
diff -r 342607a556c4 -r 0e22ad2ff25c www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__512.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__512.c Wed Apr 15 22:38:18 2020 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-cherokee_cryptor__libssl__dh__512.c,v 1.1 2020/04/15 22:38:19 joerg Exp $
+
+Use OpenSSL 1.1 interface.
+
+--- cherokee/cryptor_libssl_dh_512.c.orig 2020-04-13 20:12:04.828129889 +0000
++++ cherokee/cryptor_libssl_dh_512.c
+@@ -18,9 +18,10 @@ static DH *get_dh512()
+ DH *dh;
+
+ if ((dh=DH_new()) == NULL) return(NULL);
+- dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
+- dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
+- if ((dh->p == NULL) || (dh->g == NULL))
++ BIGNUM *p = BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
++ BIGNUM *g = BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
++ DH_set0_pqg(dh, p, NULL, g);
++ if (p == NULL || g == NULL)
+ { DH_free(dh); return(NULL); }
+ return(dh);
+ }
Home |
Main Index |
Thread Index |
Old Index