+++ /dev/null
-if PACKAGE_openvpn-nossl
-
-config OPENVPN_nossl_ENABLE_LZO
- bool "Enable LZO compression support"
- default y
-
-config OPENVPN_nossl_ENABLE_LZ4
- bool "Enable LZ4 compression support"
- default y
-
-config OPENVPN_nossl_ENABLE_SERVER
- bool "Enable server support (otherwise only client mode is support)"
- default y
-
-config OPENVPN_nossl_ENABLE_MANAGEMENT
- bool "Enable management server support"
- default n
-
-config OPENVPN_nossl_ENABLE_FRAGMENT
- bool "Enable internal fragmentation support (--fragment)"
- default y
-
-config OPENVPN_nossl_ENABLE_MULTIHOME
- bool "Enable multi-homed UDP server support (--multihome)"
- default y
-
-config OPENVPN_nossl_ENABLE_PORT_SHARE
- bool "Enable TCP server port-share support (--port-share)"
- default y
-
-config OPENVPN_nossl_ENABLE_DEF_AUTH
- bool "Enable deferred authentication"
- default y
-
-config OPENVPN_nossl_ENABLE_PF
- bool "Enable internal packet filter"
- default y
-
-config OPENVPN_nossl_ENABLE_IPROUTE2
- bool "Enable support for iproute2"
- default n
-
-config OPENVPN_nossl_ENABLE_SMALL
- bool "Enable size optimization"
- default y
- help
- enable smaller executable size (disable OCC, usage
- message, and verb 4 parm list)
-
-endif
+++ /dev/null
-From 17a476fd5c8cc49f1d103a50199e87ede76b1b67 Mon Sep 17 00:00:00 2001
-From: Steffan Karger <steffan@karger.me>
-Date: Sun, 26 Nov 2017 16:04:00 +0100
-Subject: [PATCH] openssl: don't use deprecated SSLEAY/SSLeay symbols
-
-Compiling our current master against OpenSSL 1.1 with
--DOPENSSL_API_COMPAT=0x10100000L screams bloody murder. This patch fixes
-the errors about the deprecated SSLEAY/SSLeay symbols and defines.
-
-Signed-off-by: Steffan Karger <steffan@karger.me>
-Acked-by: Gert Doering <gert@greenie.muc.de>
-Message-Id: <20171126150401.28565-1-steffan@karger.me>
-URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15934.html
-Signed-off-by: Gert Doering <gert@greenie.muc.de>
----
- configure.ac | 1 +
- src/openvpn/openssl_compat.h | 8 ++++++++
- src/openvpn/ssl_openssl.c | 2 +-
- 3 files changed, 10 insertions(+), 1 deletion(-)
-
---- a/configure.ac
-+++ b/configure.ac
-@@ -898,6 +898,7 @@ if test "${enable_crypto}" = "yes" -a "$
- EVP_MD_CTX_free \
- EVP_MD_CTX_reset \
- EVP_CIPHER_CTX_reset \
-+ OpenSSL_version \
- SSL_CTX_get_default_passwd_cb \
- SSL_CTX_get_default_passwd_cb_userdata \
- SSL_CTX_set_security_level \
---- a/src/openvpn/openssl_compat.h
-+++ b/src/openvpn/openssl_compat.h
-@@ -689,6 +689,14 @@ EC_GROUP_order_bits(const EC_GROUP *grou
- #endif
-
- /* SSLeay symbols have been renamed in OpenSSL 1.1 */
-+#ifndef OPENSSL_VERSION
-+#define OPENSSL_VERSION SSLEAY_VERSION
-+#endif
-+
-+#ifndef HAVE_OPENSSL_VERSION
-+#define OpenSSL_version SSLeay_version
-+#endif
-+
- #if !defined(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT)
- #define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT
- #endif
---- a/src/openvpn/ssl_openssl.c
-+++ b/src/openvpn/ssl_openssl.c
-@@ -2018,7 +2018,7 @@ get_highest_preference_tls_cipher(char *
- const char *
- get_ssl_library_version(void)
- {
-- return SSLeay_version(SSLEAY_VERSION);
-+ return OpenSSL_version(OPENSSL_VERSION);
- }
-
- #endif /* defined(ENABLE_CRYPTO) && defined(ENABLE_CRYPTO_OPENSSL) */
+++ /dev/null
-From 1987498271abadf042d8bb3feee1fe0d877a9d55 Mon Sep 17 00:00:00 2001
-From: Steffan Karger <steffan@karger.me>
-Date: Sun, 26 Nov 2017 16:49:12 +0100
-Subject: [PATCH] openssl: add missing #include statements
-
-Compiling our current master against OpenSSL 1.1 with
--DOPENSSL_API_COMPAT=0x10100000L screams bloody murder. This patch fixes
-the errors caused by missing includes. Previous openssl versions would
-usually include 'the rest of the world', but they're fixing that. So we
-should no longer rely on it.
-
-(And sneaking in alphabetic ordering of the includes while touching them.)
-
-Signed-off-by: Steffan Karger <steffan@karger.me>
-Acked-by: Gert Doering <gert@greenie.muc.de>
-Message-Id: <20171126154912.13283-1-steffan@karger.me>
-URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15936.html
-Signed-off-by: Gert Doering <gert@greenie.muc.de>
----
- src/openvpn/openssl_compat.h | 1 +
- src/openvpn/ssl_openssl.c | 6 +++++-
- src/openvpn/ssl_verify_openssl.c | 3 ++-
- 3 files changed, 8 insertions(+), 2 deletions(-)
-
---- a/src/openvpn/openssl_compat.h
-+++ b/src/openvpn/openssl_compat.h
-@@ -42,6 +42,7 @@
-
- #include "buffer.h"
-
-+#include <openssl/rsa.h>
- #include <openssl/ssl.h>
- #include <openssl/x509.h>
-
---- a/src/openvpn/ssl_openssl.c
-+++ b/src/openvpn/ssl_openssl.c
-@@ -52,10 +52,14 @@
-
- #include "ssl_verify_openssl.h"
-
-+#include <openssl/bn.h>
-+#include <openssl/crypto.h>
-+#include <openssl/dh.h>
-+#include <openssl/dsa.h>
- #include <openssl/err.h>
- #include <openssl/pkcs12.h>
-+#include <openssl/rsa.h>
- #include <openssl/x509.h>
--#include <openssl/crypto.h>
- #ifndef OPENSSL_NO_EC
- #include <openssl/ec.h>
- #endif
---- a/src/openvpn/ssl_verify_openssl.c
-+++ b/src/openvpn/ssl_verify_openssl.c
-@@ -44,8 +44,9 @@
- #include "ssl_verify_backend.h"
- #include "openssl_compat.h"
-
--#include <openssl/x509v3.h>
-+#include <openssl/bn.h>
- #include <openssl/err.h>
-+#include <openssl/x509v3.h>
-
- int
- verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
projects / librecmc / librecmc.git / commitdiff