aboutsummaryrefslogtreecommitdiffstats
path: root/main/hexchat/libressl.patch
blob: d829dee39952a881c7c66c8ab6d3c2c3ef6c2ae2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
From d583ca7d922e5ac6ff466df2e4411b1303a3a2a3 Mon Sep 17 00:00:00 2001
From: Florian Stinglmayr <florian@n0la.org>
Date: Tue, 13 Dec 2016 18:41:43 +0100
Subject: [PATCH] Use AC_CHECK_FUNCS to find functions not in LibreSSL

LibreSSL might not have all functions of OpenSSL 1.1.0 so use
AC_CHECK_FUNCS to find them first before using them.

Closes #1899
Fixes #1898
---
 configure.ac     | 2 ++
 src/common/ssl.c | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index 34e6def..1f442c5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -374,6 +374,8 @@ AS_IF([test "$openssl" != no], [
 		openssl=yes
 		COMMON_LIBS="$COMMON_LIBS $OPENSSL_LIBS"
 		COMMON_CFLAGS="$COMMON_CFLAGS $OPENSSL_CFLAGS"
+		dnl Test for various functions that are not available in LibreSSL
+		AC_CHECK_FUNCS([SSL_CTX_get_ssl_method X509_get_signature_nid])
 	], [
 		unset openssl_path ac_cv_lib_ssl_SSL_new ac_cv_header_openssl_ssl_h
 		AS_IF([test "$openssl" != yes], [
diff --git a/src/common/ssl.c b/src/common/ssl.c
index cb58ce2..76fea7b 100644
--- a/src/common/ssl.c
+++ b/src/common/ssl.c
@@ -176,7 +176,7 @@ _SSL_get_cert_info (struct cert_info *cert_info, SSL * ssl)
 		return 1;
 
 	alg = OBJ_obj2nid (algor->algorithm);
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#ifndef HAVE_X509_GET_SIGNATURE_NID
 	sign_alg = OBJ_obj2nid (peer_cert->sig_alg->algorithm);
 #else
 	sign_alg = X509_get_signature_nid (peer_cert);
@@ -306,7 +306,7 @@ _SSL_socket (SSL_CTX *ctx, int sd)
 
 	SSL_set_fd (ssl, sd);
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#ifndef HAVE_SSL_CTX_GET_SSL_METHOD
 	method = ctx->method;
 #else
 	method = SSL_CTX_get_ssl_method (ctx);
From aa7080f8fe63939d7ff4a0d0b1ec60f0c3eb31be Mon Sep 17 00:00:00 2001
From: Patrick Griffis <tingping@tingping.se>
Date: Tue, 13 Dec 2016 17:29:26 -0500
Subject: [PATCH] Fix building fishlim against libressl also

Also part of #1898
---
 configure.ac             | 2 +-
 plugins/fishlim/dh1080.c | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/configure.ac b/configure.ac
index 1f442c5..10a1550 100644
--- a/configure.ac
+++ b/configure.ac
@@ -375,7 +375,7 @@ AS_IF([test "$openssl" != no], [
 		COMMON_LIBS="$COMMON_LIBS $OPENSSL_LIBS"
 		COMMON_CFLAGS="$COMMON_CFLAGS $OPENSSL_CFLAGS"
 		dnl Test for various functions that are not available in LibreSSL
-		AC_CHECK_FUNCS([SSL_CTX_get_ssl_method X509_get_signature_nid])
+		AC_CHECK_FUNCS([SSL_CTX_get_ssl_method X509_get_signature_nid DH_set0_pqg DH_get0_key DH_set0_key])
 	], [
 		unset openssl_path ac_cv_lib_ssl_SSL_new ac_cv_header_openssl_ssl_h
 		AS_IF([test "$openssl" != yes], [
diff --git a/plugins/fishlim/dh1080.c b/plugins/fishlim/dh1080.c
index ff6e579..3611758 100644
--- a/plugins/fishlim/dh1080.c
+++ b/plugins/fishlim/dh1080.c
@@ -74,7 +74,7 @@ dh1080_init (void)
 
 		BN_set_word (g, 2);
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#ifndef HAVE_DH_SET0_PQG
 		g_dh->p = p;
 		g_dh->g = g;
 #else
@@ -162,7 +162,7 @@ dh1080_generate_key (char **priv_key, char **pub_key)
 		return 0;
 	}
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#ifndef HAVE_DH_GET0_KEY
 	dh_pub_key = dh->pub_key;
 	dh_priv_key = dh->priv_key;
 #else
@@ -213,7 +213,7 @@ dh1080_compute_key (const char *priv_key, const char *pub_key, char **secret_key
 
 	  	priv_key_data = dh1080_decode_b64 (priv_key, &priv_key_len);
 		priv_key_num = BN_bin2bn(priv_key_data, priv_key_len, NULL);
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#ifndef HAVE_DH_SET0_KEY
 		dh->priv_key = priv_key_num;
 #else
 		DH_set0_key (dh, NULL, priv_key_num);