external/subpack/net/vsftpd/patches/010-openssl-deprecated.patch - T108 - Gitiles

 From 0ea55455703eb69d7617968424e4bede59f39b83 Mon Sep 17 00:00:00 2001
 From: Rosen Penev <rosenp@gmail.com>
 Date: Fri, 23 Nov 2018 18:03:32 -0800
 Subject: [PATCH] ssl: Fix compile without Deprecated APIs and no ECC support

 Signed-off-by: Rosen Penev <rosenp@gmail.com>
 ---
  ssl.c | 11 +++++++++++
  1 file changed, 11 insertions(+)

 --- a/ssl.c
 +++ b/ssl.c
 @@ -28,6 +28,9 @@
  #include <openssl/err.h>
  #include <openssl/rand.h>
  #include <openssl/bio.h>
 +#ifndef OPENSSL_NO_EC
 +#include <openssl/ec.h>
 +#endif
  #include <errno.h>
  #include <limits.h>

 @@ -59,8 +62,12 @@ ssl_init(struct vsf_session* p_sess)
      SSL_CTX* p_ctx;
      long options;
      int verify_option = 0;
 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
      SSL_library_init();
      p_ctx = SSL_CTX_new(SSLv23_server_method());
 +#else
 +    p_ctx = SSL_CTX_new(TLS_server_method());
 +#endif
      if (p_ctx == NULL)
      {
        die("SSL: could not allocate SSL context");
 @@ -120,6 +127,7 @@ ssl_init(struct vsf_session* p_sess)
      {
        die("SSL: RNG is not seeded");
      }
 +#ifndef OPENSSL_NO_EC
      {
        EC_KEY* key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
        if (key == NULL)
 @@ -129,6 +137,7 @@ ssl_init(struct vsf_session* p_sess)
        SSL_CTX_set_tmp_ecdh(p_ctx, key);
        EC_KEY_free(key);
      }
 +#endif
      if (tunable_ssl_request_cert)
      {
        verify_option |= SSL_VERIFY_PEER;
 @@ -660,7 +669,9 @@ ssl_cert_digest(SSL* p_ssl, struct vsf_s
  static char*
  get_ssl_error()
  {
 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
    SSL_load_error_strings();
 +#endif
    return ERR_error_string(ERR_get_error(), NULL);
  }
	From 0ea55455703eb69d7617968424e4bede59f39b83 Mon Sep 17 00:00:00 2001
	From: Rosen Penev <rosenp@gmail.com>
	Date: Fri, 23 Nov 2018 18:03:32 -0800
	Subject: [PATCH] ssl: Fix compile without Deprecated APIs and no ECC support

	Signed-off-by: Rosen Penev <rosenp@gmail.com>
	---
	ssl.c \| 11 +++++++++++
	1 file changed, 11 insertions(+)

	--- a/ssl.c
	+++ b/ssl.c
	@@ -28,6 +28,9 @@
	#include <openssl/err.h>
	#include <openssl/rand.h>
	#include <openssl/bio.h>
	+#ifndef OPENSSL_NO_EC
	+#include <openssl/ec.h>
	+#endif
	#include <errno.h>
	#include <limits.h>

	@@ -59,8 +62,12 @@ ssl_init(struct vsf_session* p_sess)
	SSL_CTX* p_ctx;
	long options;
	int verify_option = 0;
	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
	SSL_library_init();
	p_ctx = SSL_CTX_new(SSLv23_server_method());
	+#else
	+ p_ctx = SSL_CTX_new(TLS_server_method());
	+#endif
	if (p_ctx == NULL)
	{
	die("SSL: could not allocate SSL context");
	@@ -120,6 +127,7 @@ ssl_init(struct vsf_session* p_sess)
	{
	die("SSL: RNG is not seeded");
	}
	+#ifndef OPENSSL_NO_EC
	{
	EC_KEY* key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
	if (key == NULL)
	@@ -129,6 +137,7 @@ ssl_init(struct vsf_session* p_sess)
	SSL_CTX_set_tmp_ecdh(p_ctx, key);
	EC_KEY_free(key);
	}
	+#endif
	if (tunable_ssl_request_cert)
	{
	verify_option \|= SSL_VERIFY_PEER;
	@@ -660,7 +669,9 @@ ssl_cert_digest(SSL* p_ssl, struct vsf_s
	static char*
	get_ssl_error()
	{
	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
	SSL_load_error_strings();
	+#endif
	return ERR_error_string(ERR_get_error(), NULL);
	}