diff options
| author | wangmy <wangmy@fujitsu.com> | 2022-07-23 13:38:22 +0800 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2022-07-26 10:40:35 -0400 |
| commit | 52be803ba5f6c9ac6ea72d636e01913db2fe5968 (patch) | |
| tree | 1c2e4b8d347e98e37cacb05098b2e61bde644c6d | |
| parent | e174de32efeabc531275260e57436593bb101a39 (diff) | |
| download | meta-openembedded-52be803ba5f6c9ac6ea72d636e01913db2fe5968.tar.gz | |
stunnel: upgrade 5.64 -> 5.65
fix-openssl-no-des.patch
refreshed for version 5.65
Changelog:
==========
Security bugfixes
OpenSSL DLLs updated to version 3.0.5.
Bugfixes
Fixed handling globally enabled FIPS.
Fixed the default openssl.cnf path in stunnel.exe.
Fixed a number of MSVC warnings.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
| -rw-r--r-- | meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch | 24 | ||||
| -rw-r--r-- | meta-networking/recipes-support/stunnel/stunnel_5.65.bb (renamed from meta-networking/recipes-support/stunnel/stunnel_5.64.bb) | 2 |
2 files changed, 18 insertions, 8 deletions
diff --git a/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch b/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch index aeb0bece9..0840cbbd8 100644 --- a/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch +++ b/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch | |||
| @@ -1,3 +1,8 @@ | |||
| 1 | From 7ff4eba20b5c4fc7365e5ee0dfb775ed29bdd5ce Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Kai Kang <kai.kang@windriver.com> | ||
| 3 | Date: Wed, 1 Nov 2017 09:23:41 -0400 | ||
| 4 | Subject: [PATCH] stunnel: fix compile error when openssl disable des support | ||
| 5 | |||
| 1 | Upstream-Status: Pending | 6 | Upstream-Status: Pending |
| 2 | 7 | ||
| 3 | When openssl disable des support with configure option 'no-des', it doesn't | 8 | When openssl disable des support with configure option 'no-des', it doesn't |
| @@ -6,12 +11,17 @@ failed. Fix it by checking macro OPENSSL_NO_DES to use openssl des related | |||
| 6 | library conditionaly. | 11 | library conditionaly. |
| 7 | 12 | ||
| 8 | Signed-off-by: Kai Kang <kai.kang@windriver.com> | 13 | Signed-off-by: Kai Kang <kai.kang@windriver.com> |
| 14 | |||
| 9 | --- | 15 | --- |
| 16 | src/common.h | 2 ++ | ||
| 17 | src/protocol.c | 6 +++--- | ||
| 18 | 2 files changed, 5 insertions(+), 3 deletions(-) | ||
| 19 | |||
| 10 | diff --git a/src/common.h b/src/common.h | 20 | diff --git a/src/common.h b/src/common.h |
| 11 | index f7d38b0..bf485af 100644 | 21 | index bc37eb5..03ee3e5 100644 |
| 12 | --- a/src/common.h | 22 | --- a/src/common.h |
| 13 | +++ b/src/common.h | 23 | +++ b/src/common.h |
| 14 | @@ -478,7 +478,9 @@ extern char *sys_errlist[]; | 24 | @@ -486,7 +486,9 @@ extern char *sys_errlist[]; |
| 15 | #ifndef OPENSSL_NO_MD4 | 25 | #ifndef OPENSSL_NO_MD4 |
| 16 | #include <openssl/md4.h> | 26 | #include <openssl/md4.h> |
| 17 | #endif /* !defined(OPENSSL_NO_MD4) */ | 27 | #endif /* !defined(OPENSSL_NO_MD4) */ |
| @@ -22,19 +32,19 @@ index f7d38b0..bf485af 100644 | |||
| 22 | #include <openssl/dh.h> | 32 | #include <openssl/dh.h> |
| 23 | #if OPENSSL_VERSION_NUMBER<0x10100000L | 33 | #if OPENSSL_VERSION_NUMBER<0x10100000L |
| 24 | diff --git a/src/protocol.c b/src/protocol.c | 34 | diff --git a/src/protocol.c b/src/protocol.c |
| 25 | index 587df09..8198eb6 100644 | 35 | index 804f115..d9b2b50 100644 |
| 26 | --- a/src/protocol.c | 36 | --- a/src/protocol.c |
| 27 | +++ b/src/protocol.c | 37 | +++ b/src/protocol.c |
| 28 | @@ -67,7 +67,7 @@ NOEXPORT char *imap_server(CLI *, SERVICE_OPTIONS *, const PHASE); | 38 | @@ -66,7 +66,7 @@ NOEXPORT char *nntp_client(CLI *, SERVICE_OPTIONS *, const PHASE); |
| 29 | NOEXPORT char *ldap_client(CLI *, SERVICE_OPTIONS *, const PHASE); | 39 | NOEXPORT char *ldap_client(CLI *, SERVICE_OPTIONS *, const PHASE); |
| 30 | NOEXPORT char *connect_server(CLI *, SERVICE_OPTIONS *, const PHASE); | 40 | NOEXPORT char *connect_server(CLI *, SERVICE_OPTIONS *, const PHASE); |
| 31 | NOEXPORT char *connect_client(CLI *, SERVICE_OPTIONS *, const PHASE); | 41 | NOEXPORT char *connect_client(CLI *, SERVICE_OPTIONS *, const PHASE); |
| 32 | -#ifndef OPENSSL_NO_MD4 | 42 | -#ifndef OPENSSL_NO_MD4 |
| 33 | +#if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DES) | 43 | +#if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DES) |
| 34 | NOEXPORT void ntlm(CLI *, SERVICE_OPTIONS *); | 44 | NOEXPORT void ntlm(CLI *, SERVICE_OPTIONS *); |
| 35 | NOEXPORT char *ntlm1(); | 45 | NOEXPORT char *ntlm1(void); |
| 36 | NOEXPORT char *ntlm3(char *, char *, char *, char *); | 46 | NOEXPORT char *ntlm3(char *, char *, char *, char *); |
| 37 | @@ -1332,7 +1332,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) { | 47 | @@ -1351,7 +1351,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) { |
| 38 | fd_printf(c, c->remote_fd.fd, "Host: %s", opt->protocol_host); | 48 | fd_printf(c, c->remote_fd.fd, "Host: %s", opt->protocol_host); |
| 39 | if(opt->protocol_username && opt->protocol_password) { | 49 | if(opt->protocol_username && opt->protocol_password) { |
| 40 | if(!strcasecmp(opt->protocol_authentication, "ntlm")) { | 50 | if(!strcasecmp(opt->protocol_authentication, "ntlm")) { |
| @@ -43,7 +53,7 @@ index 587df09..8198eb6 100644 | |||
| 43 | ntlm(c, opt); | 53 | ntlm(c, opt); |
| 44 | #else | 54 | #else |
| 45 | s_log(LOG_ERR, "NTLM authentication is not available"); | 55 | s_log(LOG_ERR, "NTLM authentication is not available"); |
| 46 | @@ -1376,7 +1376,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) { | 56 | @@ -1395,7 +1395,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) { |
| 47 | return NULL; | 57 | return NULL; |
| 48 | } | 58 | } |
| 49 | 59 | ||
diff --git a/meta-networking/recipes-support/stunnel/stunnel_5.64.bb b/meta-networking/recipes-support/stunnel/stunnel_5.65.bb index 13ecd5c5b..ab7ff4322 100644 --- a/meta-networking/recipes-support/stunnel/stunnel_5.64.bb +++ b/meta-networking/recipes-support/stunnel/stunnel_5.65.bb | |||
| @@ -11,7 +11,7 @@ SRC_URI = "https://stunnel.org/archive/5.x/${BP}.tar.gz \ | |||
| 11 | file://fix-openssl-no-des.patch \ | 11 | file://fix-openssl-no-des.patch \ |
| 12 | " | 12 | " |
| 13 | 13 | ||
| 14 | SRC_URI[sha256sum] = "eebe53ed116ba43b2e786762b0c2b91511e7b74857ad4765824e7199e6faf883" | 14 | SRC_URI[sha256sum] = "60c500063bd1feff2877f5726e38278c086f96c178f03f09d264a2012d6bf7fc" |
| 15 | 15 | ||
| 16 | inherit autotools bash-completion pkgconfig | 16 | inherit autotools bash-completion pkgconfig |
| 17 | 17 | ||