1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
diff -Naur stunnel-5.30.orig/src/ctx.c stunnel-5.30/src/ctx.c
--- stunnel-5.30.orig/src/ctx.c 2016-01-15 16:45:23.000000000 +0000
+++ stunnel-5.30/src/ctx.c 2016-05-14 15:16:47.392859450 +0000
@@ -359,7 +359,7 @@
/**************************************** initialize OpenSSL CONF */
NOEXPORT int conf_init(SERVICE_OPTIONS *section) {
-#if OPENSSL_VERSION_NUMBER>=0x10002000L
+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
SSL_CONF_CTX *cctx;
NAME_LIST *curr;
char *cmd, *param;
diff -Naur stunnel-5.30.orig/src/verify.c stunnel-5.30/src/verify.c
--- stunnel-5.30.orig/src/verify.c 2016-01-15 16:45:23.000000000 +0000
+++ stunnel-5.30/src/verify.c 2016-05-14 15:16:10.369860180 +0000
@@ -51,7 +51,7 @@
NOEXPORT int verify_callback(int, X509_STORE_CTX *);
NOEXPORT int verify_checks(CLI *, int, X509_STORE_CTX *);
NOEXPORT int cert_check(CLI *, X509_STORE_CTX *, int);
-#if OPENSSL_VERSION_NUMBER>=0x10002000L
+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
NOEXPORT int cert_check_subject(CLI *, X509_STORE_CTX *);
#endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
NOEXPORT int cert_check_local(X509_STORE_CTX *);
@@ -280,7 +280,7 @@
}
if(depth==0) { /* additional peer certificate checks */
-#if OPENSSL_VERSION_NUMBER>=0x10002000L
+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
if(!cert_check_subject(c, callback_ctx))
return 0; /* reject */
#endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
@@ -291,7 +291,7 @@
return 1; /* accept */
}
-#if OPENSSL_VERSION_NUMBER>=0x10002000L
+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
NOEXPORT int cert_check_subject(CLI *c, X509_STORE_CTX *callback_ctx) {
X509 *cert=X509_STORE_CTX_get_current_cert(callback_ctx);
NAME_LIST *ptr;
|
GitWeb
