diff options
Diffstat (limited to 'net-vpn/openvpn/files/openvpn-2.4.0-fix-libressl.patch')
-rw-r--r-- | net-vpn/openvpn/files/openvpn-2.4.0-fix-libressl.patch | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/net-vpn/openvpn/files/openvpn-2.4.0-fix-libressl.patch b/net-vpn/openvpn/files/openvpn-2.4.0-fix-libressl.patch new file mode 100644 index 000000000000..4c3aca5d5a92 --- /dev/null +++ b/net-vpn/openvpn/files/openvpn-2.4.0-fix-libressl.patch @@ -0,0 +1,21 @@ +diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c +index 8266595..a889332 100644 +--- a/src/openvpn/ssl_openssl.c ++++ b/src/openvpn/ssl_openssl.c +@@ -508,10 +508,13 @@ tls_ctx_load_ecdh_params(struct tls_root_ctx *ctx, const char *curve_name + const EC_GROUP *ecgrp = NULL; + EVP_PKEY *pkey = NULL; + +- /* Little hack to get private key ref from SSL_CTX, yay OpenSSL... */ +- SSL ssl; +- ssl.cert = ctx->ctx->cert; +- pkey = SSL_get_privatekey(&ssl); ++ SSL *ssl = SSL_new(ctx->ctx); ++ if (!ssl) ++ { ++ crypto_msg(M_FATAL, "SSL_new failed"); ++ } ++ pkey = SSL_get_privatekey(ssl); ++ SSL_free(ssl); + + msg(D_TLS_DEBUG, "Extracting ECDH curve from private key"); |