calculate
/
gentoo-overlay
7
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8af546ce09'
${ noResults }
gentoo-overlay/net-misc/freerdp/files/2.0.0-rc4-libressl.patch

79 lines
2.8 KiB
Raw Blame History

From 649f49fa61ca98a05b26c3b2a26a1c30ca24ea26 Mon Sep 17 00:00:00 2001
From: Armin Novak <armin.novak@thincast.com>
Date: Thu, 22 Nov 2018 09:23:46 +0100
Subject: [PATCH] Fix #5049: LibreSSL does not have SSL_CTX_set_security_level
---
libfreerdp/crypto/tls.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libfreerdp/crypto/tls.c b/libfreerdp/crypto/tls.c
index 20fde415d8..76f51701fe 100644
--- a/libfreerdp/crypto/tls.c
+++ b/libfreerdp/crypto/tls.c
@@ -656,7 +656,7 @@ static BOOL tls_prepare(rdpTls* tls, BIO* underlying, SSL_METHOD* method,
#endif
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
SSL_CTX_set_security_level(tls->ctx, settings->TlsSecLevel);
#endif
From effa8b8562d5e4b017570815c7e4d8faa0dd9a9e Mon Sep 17 00:00:00 2001
From: akallabeth <akallabeth@posteo.net>
Date: Thu, 22 Nov 2018 19:10:05 +0100
Subject: [PATCH] Fix #5049: Libressl declares OPENSSL_VERSION_NUMBER too high
Need to check specifically for LIBRESSL_VERSION_NUMBER as they
set the version higher than OpenSSL 1.1 but without API support.
---
libfreerdp/crypto/tls.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/libfreerdp/crypto/tls.c b/libfreerdp/crypto/tls.c
index 76f51701fe..ded41f127e 100644
--- a/libfreerdp/crypto/tls.c
+++ b/libfreerdp/crypto/tls.c
@@ -655,8 +655,7 @@ static BOOL tls_prepare(rdpTls* tls, BIO* underlying, SSL_METHOD* method,
SSL_CTX_set_max_proto_version(tls->ctx, 0); /* highest supported version by library */
#endif
-
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
SSL_CTX_set_security_level(tls->ctx, settings->TlsSecLevel);
#endif
From 0c83efa753d0457eb319624f87b491badf75105f Mon Sep 17 00:00:00 2001
From: Armin Novak <armin.novak@thincast.com>
Date: Mon, 7 Jan 2019 14:18:14 +0100
Subject: [PATCH] Fix #5170: Disable custom TLS alert for libressl > 2.8.3
---
libfreerdp/crypto/tls.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libfreerdp/crypto/tls.c b/libfreerdp/crypto/tls.c
index b2cf5416c8..56e16bacb4 100644
--- a/libfreerdp/crypto/tls.c
+++ b/libfreerdp/crypto/tls.c
@@ -1030,7 +1030,8 @@ BOOL tls_send_alert(rdpTls* tls)
* FIXME: The following code does not work on OpenSSL > 1.1.0 because the
* SSL struct is opaqe now
*/
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#if (!defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER < 0x10100000L)) || \
+ (defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER <= 0x2080300fL))
if (tls->alertDescription != TLS_ALERT_DESCRIPTION_CLOSE_NOTIFY)
{
@@ -1057,7 +1058,6 @@ BOOL tls_send_alert(rdpTls* tls)
if (tls->ssl->s3->wbuf.left == 0)
tls->ssl->method->ssl_dispatch_alert(tls->ssl);
}
-
#endif
return TRUE;
}
Reference in new issue View Git Blame Copy Permalink