57 lines
2.9 KiB
Text
57 lines
2.9 KiB
Text
|
$OpenBSD: patch-xio-openssl_c,v 1.2 2014/07/12 14:30:20 pascal Exp $
|
||
|
--- xio-openssl.c.orig Sun Mar 2 20:26:45 2014
|
||
|
+++ xio-openssl.c Sat Jul 12 16:00:50 2014
|
||
|
@@ -102,7 +102,6 @@ const struct optdesc opt_openssl_key = { "open
|
||
|
const struct optdesc opt_openssl_dhparam = { "openssl-dhparam", "dh", OPT_OPENSSL_DHPARAM, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
|
||
|
const struct optdesc opt_openssl_cafile = { "openssl-cafile", "cafile", OPT_OPENSSL_CAFILE, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
|
||
|
const struct optdesc opt_openssl_capath = { "openssl-capath", "capath", OPT_OPENSSL_CAPATH, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
|
||
|
-const struct optdesc opt_openssl_egd = { "openssl-egd", "egd", OPT_OPENSSL_EGD, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
|
||
|
const struct optdesc opt_openssl_pseudo = { "openssl-pseudo", "pseudo", OPT_OPENSSL_PSEUDO, GROUP_OPENSSL, PH_SPEC, TYPE_BOOL, OFUNC_SPEC };
|
||
|
#if OPENSSL_VERSION_NUMBER >= 0x00908000L
|
||
|
const struct optdesc opt_openssl_compress = { "openssl-compress", "compress", OPT_OPENSSL_COMPRESS, GROUP_OPENSSL, PH_SPEC, TYPE_STRING, OFUNC_SPEC };
|
||
|
@@ -140,7 +139,7 @@ int xio_reset_fips_mode(void) {
|
||
|
static void openssl_conn_loginfo(SSL *ssl) {
|
||
|
Notice1("SSL connection using %s", SSL_get_cipher(ssl));
|
||
|
|
||
|
-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
|
||
|
+#if (OPENSSL_VERSION_NUMBER >= 0x00908000L) && !defined(OPENSSL_NO_COMP)
|
||
|
{
|
||
|
const COMP_METHOD *comp, *expansion;
|
||
|
|
||
|
@@ -697,7 +696,6 @@ int
|
||
|
char *opt_dhparam = NULL; /* file name of DH params */
|
||
|
char *opt_cafile = NULL; /* certificate authority file */
|
||
|
char *opt_capath = NULL; /* certificate authority directory */
|
||
|
- char *opt_egd = NULL; /* entropy gathering daemon socket path */
|
||
|
#if OPENSSL_VERSION_NUMBER >= 0x00908000L
|
||
|
char *opt_compress = NULL; /* compression method */
|
||
|
#endif
|
||
|
@@ -716,7 +714,6 @@ int
|
||
|
retropt_string(opts, OPT_OPENSSL_CAPATH, &opt_capath);
|
||
|
retropt_string(opts, OPT_OPENSSL_KEY, &opt_key);
|
||
|
retropt_string(opts, OPT_OPENSSL_DHPARAM, &opt_dhparam);
|
||
|
- retropt_string(opts, OPT_OPENSSL_EGD, &opt_egd);
|
||
|
retropt_bool(opts,OPT_OPENSSL_PSEUDO, &opt_pseudo);
|
||
|
#if OPENSSL_VERSION_NUMBER >= 0x00908000L
|
||
|
retropt_string(opts, OPT_OPENSSL_COMPRESS, &opt_compress);
|
||
|
@@ -796,10 +793,6 @@ int
|
||
|
}
|
||
|
}
|
||
|
|
||
|
- if (opt_egd) {
|
||
|
- sycRAND_egd(opt_egd);
|
||
|
- }
|
||
|
-
|
||
|
if (opt_pseudo) {
|
||
|
long int randdata;
|
||
|
/* initialize libc random from actual microseconds */
|
||
|
@@ -979,7 +972,7 @@ static int openssl_SSL_ERROR_SSL(int level, const char
|
||
|
if (e == ((ERR_LIB_RAND<<24)|
|
||
|
(RAND_F_SSLEAY_RAND_BYTES<<12)|
|
||
|
(RAND_R_PRNG_NOT_SEEDED)) /*0x24064064*/) {
|
||
|
- Error("too few entropy; use options \"egd\" or \"pseudo\"");
|
||
|
+ Error("too few entropy; use options \"pseudo\"");
|
||
|
return STAT_NORETRY;
|
||
|
} else {
|
||
|
Msg2(level, "%s(): %s", funcname, ERR_error_string(e, buf));
|