diff options
| author | Rosen Penev <rosenp@gmail.com> | 2018-11-23 18:18:03 -0800 |
|---|---|---|
| committer | Rosen Penev <rosenp@gmail.com> | 2018-11-23 18:18:03 -0800 |
| commit | 1371b7be878382b8b52cd73ff72a3a41d28013c4 (patch) | |
| tree | 2980780046e38c3254941d43aec706a516b97427 | |
| parent | 98ffcf5136d3cc907641441402070bca0f872694 (diff) | |
vsftpd: Fix compilation without ECC or deprecated APIs
Signed-off-by: Rosen Penev <rosenp@gmail.com>
| -rw-r--r-- | net/vsftpd/Makefile | 9 | ||||
| -rw-r--r-- | net/vsftpd/patches/010-openssl-deprecated.patch | 66 |
2 files changed, 71 insertions, 4 deletions
diff --git a/net/vsftpd/Makefile b/net/vsftpd/Makefile index fdd045e29..696ad3602 100644 --- a/net/vsftpd/Makefile +++ b/net/vsftpd/Makefile @@ -9,15 +9,17 @@ include $(TOPDIR)/rules.mk PKG_NAME:=vsftpd PKG_VERSION:=3.0.3 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://security.appspot.com/downloads/ PKG_HASH:=9d4d2bf6e6e2884852ba4e69e157a2cecd68c5a7635d66a3a8cf8d898c955ef7 -PKG_LICENSE:=GPLv2 - PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) +PKG_MAINTAINER:=Cezary Jackiewicz <cezary@eko.one.pl> +PKG_LICENSE:=GPLv2 +PKG_CPE_ID:=cpe:/a:beasts:vsftpd + include $(INCLUDE_DIR)/package.mk define Package/vsftpd/Default @@ -26,7 +28,6 @@ define Package/vsftpd/Default CATEGORY:=Network TITLE:=Fast and secure FTP server URL:=https://security.appspot.com/vsftpd.html - MAINTAINER:=Cezary Jackiewicz <cezary@eko.one.pl> endef diff --git a/net/vsftpd/patches/010-openssl-deprecated.patch b/net/vsftpd/patches/010-openssl-deprecated.patch new file mode 100644 index 000000000..bbbfbe8e7 --- /dev/null +++ b/net/vsftpd/patches/010-openssl-deprecated.patch @@ -0,0 +1,66 @@ +From 0ea55455703eb69d7617968424e4bede59f39b83 Mon Sep 17 00:00:00 2001 +From: Rosen Penev <rosenp@gmail.com> +Date: Fri, 23 Nov 2018 18:03:32 -0800 +Subject: [PATCH] ssl: Fix compile without Deprecated APIs and no ECC support + +Signed-off-by: Rosen Penev <rosenp@gmail.com> +--- + ssl.c | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/ssl.c b/ssl.c +index c362983..845f77b 100644 +--- a/ssl.c ++++ b/ssl.c +@@ -28,6 +28,9 @@ + #include <openssl/err.h> + #include <openssl/rand.h> + #include <openssl/bio.h> ++#ifndef OPENSSL_NO_EC ++#include <openssl/ec.h> ++#endif + #include <errno.h> + #include <limits.h> + +@@ -59,8 +62,12 @@ ssl_init(struct vsf_session* p_sess) + SSL_CTX* p_ctx; + long options; + int verify_option = 0; ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + SSL_library_init(); + p_ctx = SSL_CTX_new(SSLv23_server_method()); ++#else ++ p_ctx = SSL_CTX_new(TLS_server_method()); ++#endif + if (p_ctx == NULL) + { + die("SSL: could not allocate SSL context"); +@@ -120,6 +127,7 @@ ssl_init(struct vsf_session* p_sess) + { + die("SSL: RNG is not seeded"); + } ++#ifndef OPENSSL_NO_EC + { + EC_KEY* key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); + if (key == NULL) +@@ -129,6 +137,7 @@ ssl_init(struct vsf_session* p_sess) + SSL_CTX_set_tmp_ecdh(p_ctx, key); + EC_KEY_free(key); + } ++#endif + if (tunable_ssl_request_cert) + { + verify_option |= SSL_VERIFY_PEER; +@@ -660,7 +669,9 @@ ssl_cert_digest(SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str) + static char* + get_ssl_error() + { ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + SSL_load_error_strings(); ++#endif + return ERR_error_string(ERR_get_error(), NULL); + } + +-- +2.19.1 + |