cubixle/packages
1
0
Fork 0
mirror of https://github.com/novatiq/packages.git synced 2026-04-30 07:28:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

softethervpn: updated to version 4.22-9634

Browse Source 
- bugfix #3629
- readded nossl3 patch

Signed-Off-by: Federico Di Marco <fededim@gmail.com>
This commit is contained in:
Federico Di Marco
2016-12-31 04:20:32 +01:00
parent a876e13fd6
commit 45fcd8c37e
3 changed files with 109 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files
net/softethervpn/patches/105-nossl3.patch
+33
View File
@@ -0,0 +1,33 @@
Index: v4.22-9634/src/Mayaqua/Network.c
===================================================================
--- v4.22-9634.orig/src/Mayaqua/Network.c
+++ v4.22-9634/src/Mayaqua/Network.c
@@ -13013,20 +13013,28 @@ bool StartSSLEx(SOCK *sock, X *x, K *pri
}
else
{
+#ifndef SSL_OP_NO_SSLv3
if (client_tls == false)
{
SSL_CTX_set_ssl_version(ssl_ctx, SSLv3_method());
}
else
{
+#endif // SSL_OP_NO_SSLv3
SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_client_method());
+#ifndef SSL_OP_NO_SSLv3
}
+#endif // SSL_OP_NO_SSLv3
}
sock->ssl = SSL_new(ssl_ctx);
SSL_set_fd(sock->ssl, (int)sock->socket);
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
+#ifndef SSL_OP_NO_SSLv3
if (sock->ServerMode == false && client_tls)
+#else
+ if (sock->ServerMode == false)
+#endif // SSL_OP_NO_SSLv3
{
if (IsEmptyStr(sni_hostname) == false)
{
net/softethervpn/patches/105-nosslv3.patch
-50
View File
@@ -1,50 +0,0 @@
--- a/src/Mayaqua/Network.c
+++ b/src/Mayaqua/Network.c
@@ -12966,35 +12966,46 @@ bool StartSSLEx(SOCK *sock, X *x, K *pri
{
if (sock->ServerMode)
{
+#ifdef SSL3_SUPPORT
if (sock->AcceptOnlyTls == false)
{
SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
}
else
{
+#endif
SSL_CTX_set_ssl_version(ssl_ctx, TLSv1_method());
+#ifdef SSL3_SUPPORT
}
-
+#endif
Unlock(openssl_lock);
AddChainSslCertOnDirectory(ssl_ctx);
Lock(openssl_lock);
}
else
{
+#ifdef SSL3_SUPPORT
if (client_tls == false)
{
SSL_CTX_set_ssl_version(ssl_ctx, SSLv3_method());
}
else
{
+#endif
SSL_CTX_set_ssl_version(ssl_ctx, TLSv1_client_method());
+#ifdef SSL3_SUPPORT
}
+#endif
}
sock->ssl = SSL_new(ssl_ctx);
SSL_set_fd(sock->ssl, (int)sock->socket);
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
+# ifdef SSL3_SUPPORT
if (sock->ServerMode == false && client_tls)
+# else
+ if (sock->ServerMode == false)
+#endif
{
if (IsEmptyStr(sni_hostname) == false)
{