diff options
Diffstat (limited to 'net/openvpn/patches/220-disable_des.patch')
| -rw-r--r-- | net/openvpn/patches/220-disable_des.patch | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/net/openvpn/patches/220-disable_des.patch b/net/openvpn/patches/220-disable_des.patch new file mode 100644 index 000000000..2b8f47a80 --- /dev/null +++ b/net/openvpn/patches/220-disable_des.patch @@ -0,0 +1,81 @@ +--- a/src/openvpn/syshead.h ++++ b/src/openvpn/syshead.h +@@ -597,11 +597,11 @@ socket_defined(const socket_descriptor_t + /* + * Should we include NTLM proxy functionality + */ +-#if defined(ENABLE_CRYPTO) +-#define NTLM 1 +-#else ++//#if defined(ENABLE_CRYPTO) ++//#define NTLM 1 ++//#else + #define NTLM 0 +-#endif ++//#endif + + /* + * Should we include proxy digest auth functionality +--- a/src/openvpn/crypto_mbedtls.c ++++ b/src/openvpn/crypto_mbedtls.c +@@ -319,6 +319,7 @@ int + key_des_num_cblocks(const mbedtls_cipher_info_t *kt) + { + int ret = 0; ++#ifdef MBEDTLS_DES_C + if (kt->type == MBEDTLS_CIPHER_DES_CBC) + { + ret = 1; +@@ -331,6 +332,7 @@ key_des_num_cblocks(const mbedtls_cipher + { + ret = 3; + } ++#endif + + dmsg(D_CRYPTO_DEBUG, "CRYPTO INFO: n_DES_cblocks=%d", ret); + return ret; +@@ -339,6 +341,7 @@ key_des_num_cblocks(const mbedtls_cipher + bool + key_des_check(uint8_t *key, int key_len, int ndc) + { ++#ifdef MBEDTLS_DES_C + int i; + struct buffer b; + +@@ -367,11 +370,15 @@ key_des_check(uint8_t *key, int key_len, + + err: + return false; ++#else ++ return true; ++#endif + } + + void + key_des_fixup(uint8_t *key, int key_len, int ndc) + { ++#ifdef MBEDTLS_DES_C + int i; + struct buffer b; + +@@ -386,6 +393,7 @@ key_des_fixup(uint8_t *key, int key_len, + } + mbedtls_des_key_set_parity(key); + } ++#endif + } + + /* +@@ -705,10 +713,12 @@ cipher_des_encrypt_ecb(const unsigned ch + unsigned char *src, + unsigned char *dst) + { ++#ifdef MBEDTLS_DES_C + mbedtls_des_context ctx; + + ASSERT(mbed_ok(mbedtls_des_setkey_enc(&ctx, key))); + ASSERT(mbed_ok(mbedtls_des_crypt_ecb(&ctx, src, dst))); ++#endif + } + + |