Module Name: src
Committed By: tteras
Date: Mon Dec 24 08:48:09 UTC 2012
Modified Files:
src/crypto/dist/ipsec-tools [ipsec-tools-0_8-branch]: configure.ac
src/crypto/dist/ipsec-tools/src/racoon [ipsec-tools-0_8-branch]:
crypto_openssl.c
src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2
[ipsec-tools-0_8-branch]:
sha2.c
Log Message:
>From Götz Babin-Ebell <g.babin-eb...@novamedia.de>:
Require OpenSSL 0.9.8s or higher
To generate a diff of this commit:
cvs rdiff -u -r1.10.6.1 -r1.10.6.2 src/crypto/dist/ipsec-tools/configure.ac
cvs rdiff -u -r1.20.4.1 -r1.20.4.2 \
src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c
cvs rdiff -u -r1.4 -r1.4.40.1 \
src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/dist/ipsec-tools/configure.ac
diff -u src/crypto/dist/ipsec-tools/configure.ac:1.10.6.1 src/crypto/dist/ipsec-tools/configure.ac:1.10.6.2
--- src/crypto/dist/ipsec-tools/configure.ac:1.10.6.1 Fri Mar 18 13:25:12 2011
+++ src/crypto/dist/ipsec-tools/configure.ac Mon Dec 24 08:48:08 2012
@@ -207,12 +207,12 @@ AC_MSG_CHECKING(openssl version)
AC_TRY_COMPILE(
[#include <openssl/opensslv.h>
],
-[#if OPENSSL_VERSION_NUMBER < 0x0090602fL
+[#if OPENSSL_VERSION_NUMBER < 0x0090813fL
#error OpenSSL version is too old ...
#endif],
[AC_MSG_RESULT([ok])],
[AC_MSG_RESULT(too old)
-AC_MSG_ERROR([OpenSSL version must be 0.9.6 or higher. Aborting.])
+AC_MSG_ERROR([OpenSSL version must be 0.9.8s or higher. Aborting.])
])
AC_CHECK_HEADERS(openssl/engine.h)
Index: src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c
diff -u src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.20.4.1 src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.20.4.2
--- src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.20.4.1 Thu Aug 23 11:46:06 2012
+++ src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c Mon Dec 24 08:48:08 2012
@@ -1,4 +1,4 @@
-/* $NetBSD: crypto_openssl.c,v 1.20.4.1 2012/08/23 11:46:06 tteras Exp $ */
+/* $NetBSD: crypto_openssl.c,v 1.20.4.2 2012/12/24 08:48:08 tteras Exp $ */
/* Id: crypto_openssl.c,v 1.47 2006/05/06 20:42:09 manubsd Exp */
@@ -44,8 +44,8 @@
/* get openssl/ssleay version number */
#include <openssl/opensslv.h>
-#if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090602fL)
-#error OpenSSL version 0.9.6 or later required.
+#if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090813fL)
+#error OpenSSL version 0.9.8s or later required.
#endif
#include <openssl/pem.h>
@@ -91,12 +91,7 @@
#endif
#include "plog.h"
-/* 0.9.7 stuff? */
-#if OPENSSL_VERSION_NUMBER < 0x0090700fL
-typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
-#else
#define USE_NEW_DES_API
-#endif
#define OpenSSL_BUG() do { plog(LLV_ERROR, LOCATION, NULL, "OpenSSL function failed\n"); } while(0)
@@ -505,10 +500,8 @@ eay_check_x509cert(cert, CApath, CAfile,
if (csc == NULL)
goto end;
X509_STORE_CTX_init(csc, cert_ctx, x509, NULL);
-#if OPENSSL_VERSION_NUMBER >= 0x00907000L
X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK);
X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK_ALL);
-#endif
error = X509_verify_cert(csc);
X509_STORE_CTX_free(csc);
Index: src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c
diff -u src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c:1.4 src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c:1.4.40.1
--- src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c:1.4 Sat Sep 9 16:22:36 2006
+++ src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c Mon Dec 24 08:48:08 2012
@@ -1,4 +1,4 @@
-/* $NetBSD: sha2.c,v 1.4 2006/09/09 16:22:36 manu Exp $ */
+/* $NetBSD: sha2.c,v 1.4.40.1 2012/12/24 08:48:08 tteras Exp $ */
/* Id: sha2.c,v 1.6 2004/09/21 14:35:25 ludvigm Exp */
@@ -56,9 +56,7 @@
#define bzero(a, b) memset((a), 0, (b))
#define panic(a) err(1, (a))
-#if OPENSSL_VERSION_NUMBER >= 0x00907000L
#define HAVE_EVP_097
-#endif
/*
* ASSERT NOTE:
