pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/www/cherokee



Module Name:    pkgsrc
Committed By:   joerg
Date:           Wed Apr 15 22:38:19 UTC 2020

Modified Files:
        pkgsrc/www/cherokee: distinfo
Added Files:
        pkgsrc/www/cherokee/patches: patch-cherokee_cryptor__libssl.c
            patch-cherokee_cryptor__libssl__dh__1024.c
            patch-cherokee_cryptor__libssl__dh__2048.c
            patch-cherokee_cryptor__libssl__dh__4096.c
            patch-cherokee_cryptor__libssl__dh__512.c

Log Message:
Adopt OpenSSL 1.1 interfaces.


To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/www/cherokee/distinfo
cvs rdiff -u -r0 -r1.1 \
    pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl.c \
    pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__1024.c \
    pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__2048.c \
    pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__4096.c \
    pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__512.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/cherokee/distinfo
diff -u pkgsrc/www/cherokee/distinfo:1.7 pkgsrc/www/cherokee/distinfo:1.8
--- pkgsrc/www/cherokee/distinfo:1.7    Wed Nov  4 02:46:51 2015
+++ pkgsrc/www/cherokee/distinfo        Wed Apr 15 22:38:18 2020
@@ -1,8 +1,13 @@
-$NetBSD: distinfo,v 1.7 2015/11/04 02:46:51 agc Exp $
+$NetBSD: distinfo,v 1.8 2020/04/15 22:38:18 joerg Exp $
 
 SHA1 (cherokee-1.2.101.tar.gz) = b27f149c7d7111207ac8c3cd8a4856c05490d136
 RMD160 (cherokee-1.2.101.tar.gz) = dd3dedc352ba17bdcefd8e200143b8ffa19ad035
 SHA512 (cherokee-1.2.101.tar.gz) = a2c513cadcc0d43def2199d38c5248eb7dae4d100ea019d3d705e46741df6c0a8f9a164668eb3983d6bdfebdb1e28d29dc8e6bf7f6858c600307067e083e1098
 Size (cherokee-1.2.101.tar.gz) = 6320209 bytes
 SHA1 (patch-cherokee_common-internal.h) = 730b67aa0cdf4990686e9529cec3a7fc1ddd90a5
+SHA1 (patch-cherokee_cryptor__libssl.c) = 86fba9edc122ba28bc38b1688013fa68192665bd
+SHA1 (patch-cherokee_cryptor__libssl__dh__1024.c) = 331bf1bb18ec78f8ddb2e5e2ef18a48cf66b624a
+SHA1 (patch-cherokee_cryptor__libssl__dh__2048.c) = 46541cfd1ab8dfcc14a14aa3240d2047dd044aaa
+SHA1 (patch-cherokee_cryptor__libssl__dh__4096.c) = 8aa7c90d05fcefba59243a8b9671fca3f74f73d3
+SHA1 (patch-cherokee_cryptor__libssl__dh__512.c) = 8c0c43942b7fa2485e241f376c9d542cb9b506b9
 SHA1 (patch-configure) = 58a25088320863dd00f4c7d4f050e1c163dbe6f3

Added files:

Index: pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl.c
diff -u /dev/null pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl.c:1.1
--- /dev/null   Wed Apr 15 22:38:19 2020
+++ pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl.c        Wed Apr 15 22:38:19 2020
@@ -0,0 +1,37 @@
+$NetBSD: patch-cherokee_cryptor__libssl.c,v 1.1 2020/04/15 22:38:19 joerg Exp $
+
+Use OpenSSL 1.1 interface. Drop renegotation option, it doesn't exist in
+TLS 1.1 and newer.
+
+--- cherokee/cryptor_libssl.c.orig     2020-04-13 20:05:38.835019312 +0000
++++ cherokee/cryptor_libssl.c
+@@ -238,13 +238,13 @@ cherokee_cryptor_libssl_find_vserver (SS
+       /* SSL_set_SSL_CTX() only change certificates. We need to
+        * changes more options by hand.
+        */
+-      SSL_set_options(ssl, SSL_CTX_get_options(ssl->ctx));
++      SSL_set_options(ssl, SSL_CTX_get_options(SSL_get_SSL_CTX(ssl)));
+ 
+       if ((SSL_get_verify_mode(ssl) == SSL_VERIFY_NONE) ||
+           (SSL_num_renegotiations(ssl) == 0)) {
+ 
+-              SSL_set_verify(ssl, SSL_CTX_get_verify_mode(ssl->ctx),
+-                             SSL_CTX_get_verify_callback(ssl->ctx));
++              SSL_set_verify(ssl, SSL_CTX_get_verify_mode(SSL_get_SSL_CTX(ssl)),
++                             SSL_CTX_get_verify_callback(SSL_get_SSL_CTX(ssl)));
+       }
+ 
+       return ret_ok;
+@@ -672,12 +672,6 @@ _socket_init_tls (cherokee_cryptor_socke
+       }
+ #endif
+ 
+-      /* Disable Ciphers renegotiation (CVE-2009-3555)
+-       */
+-      if (cryp->session->s3) {
+-              cryp->session->s3->flags |= SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS;
+-      }
+-
+       return ret_ok;
+ }
+ 
Index: pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__1024.c
diff -u /dev/null pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__1024.c:1.1
--- /dev/null   Wed Apr 15 22:38:19 2020
+++ pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__1024.c      Wed Apr 15 22:38:19 2020
@@ -0,0 +1,20 @@
+$NetBSD: patch-cherokee_cryptor__libssl__dh__1024.c,v 1.1 2020/04/15 22:38:19 joerg Exp $
+
+Use OpenSSL 1.1 interface.
+
+--- cherokee/cryptor_libssl_dh_1024.c.orig     2020-04-13 20:11:32.162747627 +0000
++++ cherokee/cryptor_libssl_dh_1024.c
+@@ -23,9 +23,10 @@ static DH *get_dh1024()
+       DH *dh;
+ 
+       if ((dh=DH_new()) == NULL) return(NULL);
+-      dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
+-      dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
+-      if ((dh->p == NULL) || (dh->g == NULL))
++      BIGNUM *p = BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
++      BIGNUM *g = BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
++      DH_set0_pqg(dh, p, NULL, g);
++      if (p == NULL || g == NULL)
+               { DH_free(dh); return(NULL); }
+       return(dh);
+       }
Index: pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__2048.c
diff -u /dev/null pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__2048.c:1.1
--- /dev/null   Wed Apr 15 22:38:19 2020
+++ pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__2048.c      Wed Apr 15 22:38:19 2020
@@ -0,0 +1,20 @@
+$NetBSD: patch-cherokee_cryptor__libssl__dh__2048.c,v 1.1 2020/04/15 22:38:19 joerg Exp $
+
+Use OpenSSL 1.1 interface.
+
+--- cherokee/cryptor_libssl_dh_2048.c.orig     2020-04-13 20:11:21.574212142 +0000
++++ cherokee/cryptor_libssl_dh_2048.c
+@@ -34,9 +34,10 @@ static DH *get_dh2048()
+       DH *dh;
+ 
+       if ((dh=DH_new()) == NULL) return(NULL);
+-      dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
+-      dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
+-      if ((dh->p == NULL) || (dh->g == NULL))
++      BIGNUM *p = BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
++      BIGNUM *g = BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
++      DH_set0_pqg(dh, p, NULL, g);
++      if (p == NULL || g == NULL)
+               { DH_free(dh); return(NULL); }
+       return(dh);
+       }
Index: pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__4096.c
diff -u /dev/null pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__4096.c:1.1
--- /dev/null   Wed Apr 15 22:38:19 2020
+++ pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__4096.c      Wed Apr 15 22:38:19 2020
@@ -0,0 +1,20 @@
+$NetBSD: patch-cherokee_cryptor__libssl__dh__4096.c,v 1.1 2020/04/15 22:38:19 joerg Exp $
+
+Use OpenSSL 1.1 interface.
+
+--- cherokee/cryptor_libssl_dh_4096.c.orig     2020-04-13 20:07:50.092112602 +0000
++++ cherokee/cryptor_libssl_dh_4096.c
+@@ -55,9 +55,10 @@ static DH *get_dh4096()
+       DH *dh;
+ 
+       if ((dh=DH_new()) == NULL) return(NULL);
+-      dh->p=BN_bin2bn(dh4096_p,sizeof(dh4096_p),NULL);
+-      dh->g=BN_bin2bn(dh4096_g,sizeof(dh4096_g),NULL);
+-      if ((dh->p == NULL) || (dh->g == NULL))
++      BIGNUM *p = BN_bin2bn(dh4096_p,sizeof(dh4096_p),NULL);
++      BIGNUM *g = BN_bin2bn(dh4096_g,sizeof(dh4096_g),NULL);
++      DH_set0_pqg(dh, p, NULL, g);
++      if (p == NULL || g == NULL)
+               { DH_free(dh); return(NULL); }
+       return(dh);
+       }
Index: pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__512.c
diff -u /dev/null pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__512.c:1.1
--- /dev/null   Wed Apr 15 22:38:19 2020
+++ pkgsrc/www/cherokee/patches/patch-cherokee_cryptor__libssl__dh__512.c       Wed Apr 15 22:38:19 2020
@@ -0,0 +1,20 @@
+$NetBSD: patch-cherokee_cryptor__libssl__dh__512.c,v 1.1 2020/04/15 22:38:19 joerg Exp $
+
+Use OpenSSL 1.1 interface.
+
+--- cherokee/cryptor_libssl_dh_512.c.orig      2020-04-13 20:12:04.828129889 +0000
++++ cherokee/cryptor_libssl_dh_512.c
+@@ -18,9 +18,10 @@ static DH *get_dh512()
+       DH *dh;
+ 
+       if ((dh=DH_new()) == NULL) return(NULL);
+-      dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
+-      dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
+-      if ((dh->p == NULL) || (dh->g == NULL))
++      BIGNUM *p = BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
++      BIGNUM *g = BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
++      DH_set0_pqg(dh, p, NULL, g);
++      if (p == NULL || g == NULL)
+               { DH_free(dh); return(NULL); }
+       return(dh);
+       }



Home | Main Index | Thread Index | Old Index