commit:     576416b15056b11df59e03473e4e82037d74ee9b
Author:     Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Tue Feb 14 19:46:32 2017 +0000
Commit:     Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Tue Feb 14 19:47:08 2017 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=576416b1

net-misc/openvpn: fix bug 608244

Package-Manager: Portage-2.3.3, Repoman-2.3.1

 .../openvpn/files/openvpn-2.4.0-fix-libressl.patch  | 21 +++++++++++++++++++++
 net-misc/openvpn/openvpn-2.4.0-r1.ebuild            |  1 +
 2 files changed, 22 insertions(+)

diff --git a/net-misc/openvpn/files/openvpn-2.4.0-fix-libressl.patch 
b/net-misc/openvpn/files/openvpn-2.4.0-fix-libressl.patch
new file mode 100644
index 0000000000..4c3aca5d5a
--- /dev/null
+++ b/net-misc/openvpn/files/openvpn-2.4.0-fix-libressl.patch
@@ -0,0 +1,21 @@
+diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
+index 8266595..a889332 100644
+--- a/src/openvpn/ssl_openssl.c
++++ b/src/openvpn/ssl_openssl.c
+@@ -508,10 +508,13 @@ tls_ctx_load_ecdh_params(struct tls_root_ctx *ctx, const 
char *curve_name
+         const EC_GROUP *ecgrp = NULL;
+         EVP_PKEY *pkey = NULL;
+
+-        /* Little hack to get private key ref from SSL_CTX, yay OpenSSL... */
+-        SSL ssl;
+-        ssl.cert = ctx->ctx->cert;
+-        pkey = SSL_get_privatekey(&ssl);
++        SSL *ssl = SSL_new(ctx->ctx);
++        if (!ssl)
++        {
++            crypto_msg(M_FATAL, "SSL_new failed");
++        }
++        pkey = SSL_get_privatekey(ssl);
++        SSL_free(ssl);
+
+         msg(D_TLS_DEBUG, "Extracting ECDH curve from private key");
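Review bot: In the added lines of tls_ctx_load_ecdh_params, `pkey` is read from the temporary `SSL` and that object is freed on the very next line, so every later use of `pkey` depends on `ctx->ctx` still holding its own reference to the key; SSL_get_privatekey() returns a borrowed pointer, not a new reference. That looks safe as long as the SSL_CTX outlives the call, but the patch also drops the old explanatory comment, so nothing tells the next reader why a throwaway SSL is created or why `pkey` may be used after `SSL_free(ssl)`. I would add a comment above `SSL_new` such as `/* Temporary SSL only to reach the SSL_CTX's private key; pkey remains owned by ctx->ctx and must not be freed here */`, or move `SSL_free(ssl)` below the last use of `pkey`. The function body starts and ends outside the hunk, so the later uses of `pkey` are not visible here. The patch file also has no header naming its upstream origin or the bug it fixes, which would make a carried change to TLS key handling easier to audit.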

diff --git a/net-misc/openvpn/openvpn-2.4.0-r1.ebuild 
b/net-misc/openvpn/openvpn-2.4.0-r1.ebuild
index 1b64d5b698..bd85309308 100644
--- a/net-misc/openvpn/openvpn-2.4.0-r1.ebuild
+++ b/net-misc/openvpn/openvpn-2.4.0-r1.ebuild
@@ -52,6 +52,7 @@ CONFIG_CHECK="~TUN"
 
 PATCHES=(
        "${FILESDIR}/${PN}-external-cmocka.patch"
+       "${FILESDIR}/${PN}-2.4.0-fix-libressl.patch"
 )
 
 pkg_setup()  {
