diff options
| author | Rosen Penev <rosenp@gmail.com> | 2018-08-25 21:13:34 -0700 |
|---|---|---|
| committer | Yousong Zhou <yszhou4tech@gmail.com> | 2018-10-10 09:52:44 +0800 |
| commit | 5a610ab565f06aa3cdf4de6a6557f1ed3e802d4d (patch) | |
| tree | e611ffc70a6015f220f6259be92872b8aaad1125 /net/wifidog | |
| parent | 79c5c78115443df7c26b643aca38e4679950a6ab (diff) | |
wifidog: Change to use TLS above 1.0
This should fix compilation as wolfSSL currently does not define
wolfTLSv1_client_method. And as the comment suggests, this is only TLS 1,
not 1.0 and above.
SSLv23 is TLS 1.1 and above as currently configured in the wolfssl package
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Diffstat (limited to 'net/wifidog')
| -rw-r--r-- | net/wifidog/Makefile | 2 | ||||
| -rw-r--r-- | net/wifidog/patches/010-use-tls-above-1.patch | 38 |
2 files changed, 39 insertions, 1 deletions
diff --git a/net/wifidog/Makefile b/net/wifidog/Makefile index 3cf0c2208..15b975a0c 100644 --- a/net/wifidog/Makefile +++ b/net/wifidog/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wifidog PKG_VERSION:=1.3.0 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_LICENSE:=GPL-2.0 diff --git a/net/wifidog/patches/010-use-tls-above-1.patch b/net/wifidog/patches/010-use-tls-above-1.patch new file mode 100644 index 000000000..ba397506a --- /dev/null +++ b/net/wifidog/patches/010-use-tls-above-1.patch @@ -0,0 +1,38 @@ +diff --git a/configure.in b/configure.in +index bf5463a..43ec27c 100644 +--- a/configure.in ++++ b/configure.in +@@ -96,8 +96,8 @@ if test "x$enable_cyassl" = xyes; then + # the use the new naming scheme below as cyassl/ssl.h is not available for + # AC_SEARCH_LIBS + AC_CHECK_HEADERS(cyassl/ssl.h) +- AC_SEARCH_LIBS([CyaTLSv1_client_method], [cyassl], [], [ +- AC_SEARCH_LIBS([wolfTLSv1_client_method], [wolfssl], [], [ ++ AC_SEARCH_LIBS([CyaSSLv23_client_method], [cyassl], [], [ ++ AC_SEARCH_LIBS([wolfSSLv23_client_method], [wolfssl], [], [ + AC_MSG_ERROR([unable to locate SSL lib: either wolfSSL or CyaSSL needed.]) + ]) + ]) +@@ -110,7 +110,7 @@ if test "x$enable_cyassl" = xyes; then + ]], [[ + CYASSL_CTX *ctx; + CyaSSL_Init(); +- ctx = CyaSSL_CTX_new(CyaTLSv1_client_method()); ++ ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); + CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, "wifidog.org", 11); + ]])], [enabled_sni=yes], [enabled_sni=no]) + +diff --git a/src/simple_http.c b/src/simple_http.c +index f0e27ee..7271021 100644 +--- a/src/simple_http.c ++++ b/src/simple_http.c +@@ -162,8 +162,7 @@ get_cyassl_ctx(const char *hostname) + if (NULL == cyassl_ctx) { + CyaSSL_Init(); + /* Create the CYASSL_CTX */ +- /* Allow TLSv1.0 up to TLSv1.2 */ +- if ((cyassl_ctx = CyaSSL_CTX_new(CyaTLSv1_client_method())) == NULL) { ++ if ((cyassl_ctx = CyaSSL_CTX_new(CyaSSLv23_client_method())) == NULL) { + debug(LOG_ERR, "Could not create CYASSL context."); + UNLOCK_CYASSL_CTX(); + return NULL; |