56 lines
2.9 KiB
Text
56 lines
2.9 KiB
Text
$OpenBSD: patch-xio-openssl_c,v 1.3.4.1 2016/02/02 10:41:06 sthen Exp $
|
|
--- xio-openssl.c.orig Fri Jan 29 10:28:38 2016
|
|
+++ xio-openssl.c Mon Feb 1 16:30:57 2016
|
|
@@ -108,7 +108,6 @@ const struct optdesc opt_openssl_key = { "open
|
|
const struct optdesc opt_openssl_dhparam = { "openssl-dhparam", "dh", OPT_OPENSSL_DHPARAM, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
|
|
const struct optdesc opt_openssl_cafile = { "openssl-cafile", "cafile", OPT_OPENSSL_CAFILE, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
|
|
const struct optdesc opt_openssl_capath = { "openssl-capath", "capath", OPT_OPENSSL_CAPATH, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
|
|
-const struct optdesc opt_openssl_egd = { "openssl-egd", "egd", OPT_OPENSSL_EGD, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
|
|
const struct optdesc opt_openssl_pseudo = { "openssl-pseudo", "pseudo", OPT_OPENSSL_PSEUDO, GROUP_OPENSSL, PH_SPEC, TYPE_BOOL, OFUNC_SPEC };
|
|
#if OPENSSL_VERSION_NUMBER >= 0x00908000L
|
|
const struct optdesc opt_openssl_compress = { "openssl-compress", "compress", OPT_OPENSSL_COMPRESS, GROUP_OPENSSL, PH_SPEC, TYPE_STRING, OFUNC_SPEC };
|
|
@@ -147,7 +146,7 @@ int xio_reset_fips_mode(void) {
|
|
static void openssl_conn_loginfo(SSL *ssl) {
|
|
Notice1("SSL connection using %s", SSL_get_cipher(ssl));
|
|
|
|
-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
|
|
+#if (OPENSSL_VERSION_NUMBER >= 0x00908000L) && !defined(OPENSSL_NO_COMP)
|
|
{
|
|
const COMP_METHOD *comp, *expansion;
|
|
|
|
@@ -722,7 +721,6 @@ int
|
|
char *opt_dhparam = NULL; /* file name of DH params */
|
|
char *opt_cafile = NULL; /* certificate authority file */
|
|
char *opt_capath = NULL; /* certificate authority directory */
|
|
- char *opt_egd = NULL; /* entropy gathering daemon socket path */
|
|
#if OPENSSL_VERSION_NUMBER >= 0x00908000L
|
|
char *opt_compress = NULL; /* compression method */
|
|
#endif
|
|
@@ -741,7 +739,6 @@ int
|
|
retropt_string(opts, OPT_OPENSSL_CAPATH, &opt_capath);
|
|
retropt_string(opts, OPT_OPENSSL_KEY, &opt_key);
|
|
retropt_string(opts, OPT_OPENSSL_DHPARAM, &opt_dhparam);
|
|
- retropt_string(opts, OPT_OPENSSL_EGD, &opt_egd);
|
|
retropt_bool(opts,OPT_OPENSSL_PSEUDO, &opt_pseudo);
|
|
#if OPENSSL_VERSION_NUMBER >= 0x00908000L
|
|
retropt_string(opts, OPT_OPENSSL_COMPRESS, &opt_compress);
|
|
@@ -877,10 +874,6 @@ int
|
|
}
|
|
}
|
|
|
|
- if (opt_egd) {
|
|
- sycRAND_egd(opt_egd);
|
|
- }
|
|
-
|
|
if (opt_pseudo) {
|
|
long int randdata;
|
|
/* initialize libc random from actual microseconds */
|
|
@@ -1105,7 +1098,7 @@ static int openssl_SSL_ERROR_SSL(int level, const char
|
|
if (e == ((ERR_LIB_RAND<<24)|
|
|
(RAND_F_SSLEAY_RAND_BYTES<<12)|
|
|
(RAND_R_PRNG_NOT_SEEDED)) /*0x24064064*/) {
|
|
- Error("too few entropy; use options \"egd\" or \"pseudo\"");
|
|
+ Error("too few entropy; use option \"pseudo\"");
|
|
stat = STAT_NORETRY;
|
|
} else {
|
|
Msg2(level, "%s(): %s", funcname, ERR_error_string(e, buf));
|