ipsec-tools

Timo Teräs Mon, 24 Dec 2012 00:48:33 -0800

Module Name:    src
Committed By:   tteras
Date:           Mon Dec 24 08:48:09 UTC 2012


Modified Files:
        src/crypto/dist/ipsec-tools [ipsec-tools-0_8-branch]: configure.ac
        src/crypto/dist/ipsec-tools/src/racoon [ipsec-tools-0_8-branch]:
            crypto_openssl.c
        src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2 
[ipsec-tools-0_8-branch]:
            sha2.c

Log Message:
>From Götz Babin-Ebell <[email protected]>:
Require OpenSSL 0.9.8s or higher


To generate a diff of this commit:
cvs rdiff -u -r1.10.6.1 -r1.10.6.2 src/crypto/dist/ipsec-tools/configure.ac
cvs rdiff -u -r1.20.4.1 -r1.20.4.2 \
    src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c
cvs rdiff -u -r1.4 -r1.4.40.1 \
    src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/dist/ipsec-tools/configure.ac
diff -u src/crypto/dist/ipsec-tools/configure.ac:1.10.6.1 src/crypto/dist/ipsec-tools/configure.ac:1.10.6.2
--- src/crypto/dist/ipsec-tools/configure.ac:1.10.6.1	Fri Mar 18 13:25:12 2011
+++ src/crypto/dist/ipsec-tools/configure.ac	Mon Dec 24 08:48:08 2012
@@ -207,12 +207,12 @@ AC_MSG_CHECKING(openssl version)
 AC_TRY_COMPILE(
 [#include <openssl/opensslv.h>
 ],
-[#if OPENSSL_VERSION_NUMBER < 0x0090602fL
+[#if OPENSSL_VERSION_NUMBER < 0x0090813fL
 #error OpenSSL version is too old ...
 #endif],
 [AC_MSG_RESULT([ok])],
 [AC_MSG_RESULT(too old)
-AC_MSG_ERROR([OpenSSL version must be 0.9.6 or higher. Aborting.])
+AC_MSG_ERROR([OpenSSL version must be 0.9.8s or higher. Aborting.])
 ])
 
 AC_CHECK_HEADERS(openssl/engine.h)

Index: src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c
diff -u src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.20.4.1 src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.20.4.2
--- src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.20.4.1	Thu Aug 23 11:46:06 2012
+++ src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c	Mon Dec 24 08:48:08 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: crypto_openssl.c,v 1.20.4.1 2012/08/23 11:46:06 tteras Exp $	*/
+/*	$NetBSD: crypto_openssl.c,v 1.20.4.2 2012/12/24 08:48:08 tteras Exp $	*/
 
 /* Id: crypto_openssl.c,v 1.47 2006/05/06 20:42:09 manubsd Exp */
 
@@ -44,8 +44,8 @@
 /* get openssl/ssleay version number */
 #include <openssl/opensslv.h>
 
-#if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090602fL)
-#error OpenSSL version 0.9.6 or later required.
+#if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090813fL)
+#error OpenSSL version 0.9.8s or later required.
 #endif
 
 #include <openssl/pem.h>
@@ -91,12 +91,7 @@
 #endif
 #include "plog.h"
 
-/* 0.9.7 stuff? */
-#if OPENSSL_VERSION_NUMBER < 0x0090700fL
-typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
-#else
 #define USE_NEW_DES_API
-#endif
 
 #define OpenSSL_BUG()	do { plog(LLV_ERROR, LOCATION, NULL, "OpenSSL function failed\n"); } while(0)
 
@@ -505,10 +500,8 @@ eay_check_x509cert(cert, CApath, CAfile,
 	if (csc == NULL)
 		goto end;
 	X509_STORE_CTX_init(csc, cert_ctx, x509, NULL);
-#if OPENSSL_VERSION_NUMBER >= 0x00907000L
 	X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK);
 	X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK_ALL);
-#endif
 	error = X509_verify_cert(csc);
 	X509_STORE_CTX_free(csc);
 

Index: src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c
diff -u src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c:1.4 src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c:1.4.40.1
--- src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c:1.4	Sat Sep  9 16:22:36 2006
+++ src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c	Mon Dec 24 08:48:08 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: sha2.c,v 1.4 2006/09/09 16:22:36 manu Exp $	*/
+/*	$NetBSD: sha2.c,v 1.4.40.1 2012/12/24 08:48:08 tteras Exp $	*/
 
 /* Id: sha2.c,v 1.6 2004/09/21 14:35:25 ludvigm Exp */
 
@@ -56,9 +56,7 @@
 #define bzero(a, b) memset((a), 0, (b))
 #define panic(a) err(1, (a))
 
-#if OPENSSL_VERSION_NUMBER >= 0x00907000L
 #define HAVE_EVP_097
-#endif
 
 /*
  * ASSERT NOTE:

CVS commit: [ipsec-tools-0_8-branch] src/crypto/dist/ipsec-tools

Reply via email to