aboutsummaryrefslogtreecommitdiffstats
path: root/testing/libtls-standalone/openssl-1.1.0-verify-param.patch
diff options
context:
space:
mode:
authorWilliam Pitcock <nenolod@dereferenced.org>2018-10-24 18:43:38 -0500
committerWilliam Pitcock <nenolod@dereferenced.org>2018-10-24 18:44:53 -0500
commit6966c8e0302819c69535751bc8d52d7d7d4c9627 (patch)
tree5ad4f328cff40e756010197a0547beaa08d4576f /testing/libtls-standalone/openssl-1.1.0-verify-param.patch
parent49f656ed06ba914f117dc609c955b946ea36a044 (diff)
downloadaports-6966c8e0302819c69535751bc8d52d7d7d4c9627.tar.gz
aports-6966c8e0302819c69535751bc8d52d7d7d4c9627.tar.bz2
aports-6966c8e0302819c69535751bc8d52d7d7d4c9627.tar.xz
testing/libtls-standalone: port to openssl 1.1.0 API
Diffstat (limited to 'testing/libtls-standalone/openssl-1.1.0-verify-param.patch')
-rw-r--r--testing/libtls-standalone/openssl-1.1.0-verify-param.patch50
1 files changed, 50 insertions, 0 deletions
diff --git a/testing/libtls-standalone/openssl-1.1.0-verify-param.patch b/testing/libtls-standalone/openssl-1.1.0-verify-param.patch
new file mode 100644
index 0000000000..ef3f948e02
--- /dev/null
+++ b/testing/libtls-standalone/openssl-1.1.0-verify-param.patch
@@ -0,0 +1,50 @@
+--- libressl-2.7.4.orig/tls/tls.c
++++ libressl-2.7.4/tls/tls.c
+@@ -438,8 +438,16 @@
+ }
+
+ if (ctx->config->verify_time == 0) {
+- X509_VERIFY_PARAM_set_flags(ssl_ctx->param,
+- X509_V_FLAG_NO_CHECK_TIME);
++ X509_VERIFY_PARAM *param = X509_VERIFY_PARAM_new();
++
++ if (param == NULL) {
++ goto err;
++ }
++
++ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_NO_CHECK_TIME);
++ SSL_CTX_set1_param(ssl_ctx, param);
++
++ X509_VERIFY_PARAM_free(param);
+ }
+
+ /* Disable any form of session caching by default */
+@@ -487,6 +495,7 @@
+ STACK_OF(X509_INFO) *xis = NULL;
+ X509_STORE *store;
+ X509_INFO *xi;
++ X509_VERIFY_PARAM *param;
+ BIO *bio = NULL;
+ int rv = -1;
+ int i;
+@@ -548,8 +557,19 @@
+ }
+ xi->crl = NULL;
+ }
+- X509_VERIFY_PARAM_set_flags(store->param,
++
++ param = X509_VERIFY_PARAM_new();
++
++ if (param == NULL) {
++ goto err;
++ }
++
++ X509_VERIFY_PARAM_set_flags(param,
+ X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
++
++ X509_STORE_set1_param(store, param);
++
++ X509_VERIFY_PARAM_free(param);
+ }
+
+ done: