summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorwangmy <wangmy@fujitsu.com>2022-07-23 13:38:22 +0800
committerKhem Raj <raj.khem@gmail.com>2022-07-26 10:40:35 -0400
commit52be803ba5f6c9ac6ea72d636e01913db2fe5968 (patch)
tree1c2e4b8d347e98e37cacb05098b2e61bde644c6d
parente174de32efeabc531275260e57436593bb101a39 (diff)
downloadmeta-openembedded-52be803ba5f6c9ac6ea72d636e01913db2fe5968.tar.gz
stunnel: upgrade 5.64 -> 5.65
fix-openssl-no-des.patch refreshed for version 5.65 Changelog: ========== Security bugfixes OpenSSL DLLs updated to version 3.0.5. Bugfixes Fixed handling globally enabled FIPS. Fixed the default openssl.cnf path in stunnel.exe. Fixed a number of MSVC warnings. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
-rw-r--r--meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch24
-rw-r--r--meta-networking/recipes-support/stunnel/stunnel_5.65.bb (renamed from meta-networking/recipes-support/stunnel/stunnel_5.64.bb)2
2 files changed, 18 insertions, 8 deletions
diff --git a/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch b/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch
index aeb0bece9..0840cbbd8 100644
--- a/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch
+++ b/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch
@@ -1,3 +1,8 @@
1From 7ff4eba20b5c4fc7365e5ee0dfb775ed29bdd5ce Mon Sep 17 00:00:00 2001
2From: Kai Kang <kai.kang@windriver.com>
3Date: Wed, 1 Nov 2017 09:23:41 -0400
4Subject: [PATCH] stunnel: fix compile error when openssl disable des support
5
1Upstream-Status: Pending 6Upstream-Status: Pending
2 7
3When openssl disable des support with configure option 'no-des', it doesn't 8When openssl disable des support with configure option 'no-des', it doesn't
@@ -6,12 +11,17 @@ failed. Fix it by checking macro OPENSSL_NO_DES to use openssl des related
6library conditionaly. 11library conditionaly.
7 12
8Signed-off-by: Kai Kang <kai.kang@windriver.com> 13Signed-off-by: Kai Kang <kai.kang@windriver.com>
14
9--- 15---
16 src/common.h | 2 ++
17 src/protocol.c | 6 +++---
18 2 files changed, 5 insertions(+), 3 deletions(-)
19
10diff --git a/src/common.h b/src/common.h 20diff --git a/src/common.h b/src/common.h
11index f7d38b0..bf485af 100644 21index bc37eb5..03ee3e5 100644
12--- a/src/common.h 22--- a/src/common.h
13+++ b/src/common.h 23+++ b/src/common.h
14@@ -478,7 +478,9 @@ extern char *sys_errlist[]; 24@@ -486,7 +486,9 @@ extern char *sys_errlist[];
15 #ifndef OPENSSL_NO_MD4 25 #ifndef OPENSSL_NO_MD4
16 #include <openssl/md4.h> 26 #include <openssl/md4.h>
17 #endif /* !defined(OPENSSL_NO_MD4) */ 27 #endif /* !defined(OPENSSL_NO_MD4) */
@@ -22,19 +32,19 @@ index f7d38b0..bf485af 100644
22 #include <openssl/dh.h> 32 #include <openssl/dh.h>
23 #if OPENSSL_VERSION_NUMBER<0x10100000L 33 #if OPENSSL_VERSION_NUMBER<0x10100000L
24diff --git a/src/protocol.c b/src/protocol.c 34diff --git a/src/protocol.c b/src/protocol.c
25index 587df09..8198eb6 100644 35index 804f115..d9b2b50 100644
26--- a/src/protocol.c 36--- a/src/protocol.c
27+++ b/src/protocol.c 37+++ b/src/protocol.c
28@@ -67,7 +67,7 @@ NOEXPORT char *imap_server(CLI *, SERVICE_OPTIONS *, const PHASE); 38@@ -66,7 +66,7 @@ NOEXPORT char *nntp_client(CLI *, SERVICE_OPTIONS *, const PHASE);
29 NOEXPORT char *ldap_client(CLI *, SERVICE_OPTIONS *, const PHASE); 39 NOEXPORT char *ldap_client(CLI *, SERVICE_OPTIONS *, const PHASE);
30 NOEXPORT char *connect_server(CLI *, SERVICE_OPTIONS *, const PHASE); 40 NOEXPORT char *connect_server(CLI *, SERVICE_OPTIONS *, const PHASE);
31 NOEXPORT char *connect_client(CLI *, SERVICE_OPTIONS *, const PHASE); 41 NOEXPORT char *connect_client(CLI *, SERVICE_OPTIONS *, const PHASE);
32-#ifndef OPENSSL_NO_MD4 42-#ifndef OPENSSL_NO_MD4
33+#if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DES) 43+#if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DES)
34 NOEXPORT void ntlm(CLI *, SERVICE_OPTIONS *); 44 NOEXPORT void ntlm(CLI *, SERVICE_OPTIONS *);
35 NOEXPORT char *ntlm1(); 45 NOEXPORT char *ntlm1(void);
36 NOEXPORT char *ntlm3(char *, char *, char *, char *); 46 NOEXPORT char *ntlm3(char *, char *, char *, char *);
37@@ -1332,7 +1332,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) { 47@@ -1351,7 +1351,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) {
38 fd_printf(c, c->remote_fd.fd, "Host: %s", opt->protocol_host); 48 fd_printf(c, c->remote_fd.fd, "Host: %s", opt->protocol_host);
39 if(opt->protocol_username && opt->protocol_password) { 49 if(opt->protocol_username && opt->protocol_password) {
40 if(!strcasecmp(opt->protocol_authentication, "ntlm")) { 50 if(!strcasecmp(opt->protocol_authentication, "ntlm")) {
@@ -43,7 +53,7 @@ index 587df09..8198eb6 100644
43 ntlm(c, opt); 53 ntlm(c, opt);
44 #else 54 #else
45 s_log(LOG_ERR, "NTLM authentication is not available"); 55 s_log(LOG_ERR, "NTLM authentication is not available");
46@@ -1376,7 +1376,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) { 56@@ -1395,7 +1395,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) {
47 return NULL; 57 return NULL;
48 } 58 }
49 59
diff --git a/meta-networking/recipes-support/stunnel/stunnel_5.64.bb b/meta-networking/recipes-support/stunnel/stunnel_5.65.bb
index 13ecd5c5b..ab7ff4322 100644
--- a/meta-networking/recipes-support/stunnel/stunnel_5.64.bb
+++ b/meta-networking/recipes-support/stunnel/stunnel_5.65.bb
@@ -11,7 +11,7 @@ SRC_URI = "https://stunnel.org/archive/5.x/${BP}.tar.gz \
11 file://fix-openssl-no-des.patch \ 11 file://fix-openssl-no-des.patch \
12" 12"
13 13
14SRC_URI[sha256sum] = "eebe53ed116ba43b2e786762b0c2b91511e7b74857ad4765824e7199e6faf883" 14SRC_URI[sha256sum] = "60c500063bd1feff2877f5726e38278c086f96c178f03f09d264a2012d6bf7fc"
15 15
16inherit autotools bash-completion pkgconfig 16inherit autotools bash-completion pkgconfig
17 17