hostapd: Fix compile with OpenSSL 1.1.0 + no deprecated APIs
authorRosen Penev <rosenp@gmail.com>
Sun, 2 Sep 2018 02:06:54 +0000 (19:06 -0700)
committerJo-Philipp Wich <jo@mein.io>
Tue, 18 Dec 2018 10:28:13 +0000 (11:28 +0100)
Patch was accepted upsteam:

https://w1.fi/cgit/hostap/commit/?id=373c796948599a509bad71695b5b72eef003f661

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(backported from f78e07ad2a0926739310f8a6fd74a7b162123c98)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
package/network/services/hostapd/patches/700-fix-openssl11.patch [new file with mode: 0644]

diff --git a/package/network/services/hostapd/patches/700-fix-openssl11.patch b/package/network/services/hostapd/patches/700-fix-openssl11.patch
new file mode 100644 (file)
index 0000000..86343c1
--- /dev/null
@@ -0,0 +1,35 @@
+From 672540d4ddbd24782b5c65b35d636bdfe8a90d0f Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Fri, 15 Jun 2018 18:35:30 -0700
+Subject: [PATCH] Fix compile with OpenSSL 1.1.0 and deprecated APIs
+
+SSL_session_reused is the same as SSL_cache_hit. The engine load stuff is
+now handled by OPENSSL_init.
+
+Signed-off-by: Rosen Penev <rosenp@gmail.com>
+---
+ src/crypto/tls_openssl.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/src/crypto/tls_openssl.c
++++ b/src/crypto/tls_openssl.c
+@@ -1024,8 +1024,10 @@ void * tls_init(const struct tls_config
+ #ifndef OPENSSL_NO_ENGINE
+       wpa_printf(MSG_DEBUG, "ENGINE: Loading dynamic engine");
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+       ERR_load_ENGINE_strings();
+       ENGINE_load_dynamic();
++#endif /* OPENSSL_VERSION_NUMBER */
+       if (conf &&
+           (conf->opensc_engine_path || conf->pkcs11_engine_path ||
+@@ -3874,7 +3876,7 @@ struct wpabuf * tls_connection_decrypt(v
+ int tls_connection_resumed(void *ssl_ctx, struct tls_connection *conn)
+ {
+-      return conn ? SSL_cache_hit(conn->ssl) : 0;
++      return conn ? SSL_session_reused(conn->ssl) : 0;
+ }