packages/net/openvpn/patches/102-Disable-external-ec-key-support-when-building-with-wolfSSL.patch
Martin Schiller 0eedafdbda openvpn: update to 2.6.5 and add DCO support
This commit updates openvpn to version 2.6.5 and add DCO support.

There are several changes:

- Starting with version 2.6.0, the sources are only provided as .tar.gz
  file.

- removed OPENVPN_<variant>_ENABLE_MULTIHOME:
  multihome support is always included and cannot be disabled anymore
  with 2.6.x.

- removed OPENVPN_<variant>_ENABLE_DEF_AUTH:
  deferred auth support is always included and cannot be disabled
  anymore with 2.6.x.

- removed OPENVPN_<variant>_ENABLE_PF:
  PF (packet filtering) support was removed in 2.6.x.

- The internal lz4 library was removed in 2.6.x; we now use the liblz4
  package if needed

- To increase reproducibility, _DATE_ is only used for development
  builds and not in release builds in 2.6.x.

- wolfSSL support was integrated into upstream openvpn

- DES support was removed from openvpn

The first two wolfSSL patches were created following these 2 commits:
4cf01c8e43
028b501734

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2023-07-24 22:50:06 -07:00

20 lines
763 B
Diff

--- a/src/openvpn/ssl_openssl.c
+++ b/src/openvpn/ssl_openssl.c
@@ -1351,7 +1351,7 @@ err:
return 0;
}
-#if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(OPENSSL_NO_EC)
+#if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(OPENSSL_NO_EC) && !defined(ENABLE_CRYPTO_WOLFSSL)
/* called when EC_KEY is destroyed */
static void
@@ -1512,7 +1512,7 @@ tls_ctx_use_management_external_key(stru
goto cleanup;
}
}
-#if (OPENSSL_VERSION_NUMBER > 0x10100000L) && !defined(OPENSSL_NO_EC)
+#if (OPENSSL_VERSION_NUMBER > 0x10100000L) && !defined(OPENSSL_NO_EC) && !defined(ENABLE_CRYPTO_WOLFSSL)
#if OPENSSL_VERSION_NUMBER < 0x30000000L
else if (EVP_PKEY_id(pkey) == EVP_PKEY_EC)
#else /* OPENSSL_VERSION_NUMBER < 0x30000000L */