diff options
Diffstat (limited to 'net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-openssl-1.1.patch')
-rw-r--r-- | net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-openssl-1.1.patch | 48 |
1 files changed, 0 insertions, 48 deletions
diff --git a/net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-openssl-1.1.patch b/net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-openssl-1.1.patch deleted file mode 100644 index 1e2335f34c06..000000000000 --- a/net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-openssl-1.1.patch +++ /dev/null @@ -1,48 +0,0 @@ -From f665c93e1d28fbab3d9127a8c3985cc32940824f Mon Sep 17 00:00:00 2001 -From: Beniamino Galvani <bgalvani@redhat.com> -Date: Sun, 9 Jul 2017 11:14:10 +0200 -Subject: OpenSSL: Fix private key password handling with OpenSSL >= 1.1.0f - -Since OpenSSL version 1.1.0f, SSL_use_PrivateKey_file() uses the -callback from the SSL object instead of the one from the CTX, so let's -set the callback on both SSL and CTX. Note that -SSL_set_default_passwd_cb*() is available only in 1.1.0. - -Signed-off-by: Beniamino Galvani <bgalvani@redhat.com> ---- - src/crypto/tls_openssl.c | 12 ++++++++++++ - 1 file changed, 12 insertions(+) - -diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c -index fd94eaf..c790b53 100644 ---- a/src/crypto/tls_openssl.c -+++ b/src/crypto/tls_openssl.c -@@ -2796,6 +2796,15 @@ static int tls_connection_private_key(struct tls_data *data, - } else - passwd = NULL; - -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) -+ /* -+ * In OpenSSL >= 1.1.0f SSL_use_PrivateKey_file() uses the callback -+ * from the SSL object. See OpenSSL commit d61461a75253. -+ */ -+ SSL_set_default_passwd_cb(conn->ssl, tls_passwd_cb); -+ SSL_set_default_passwd_cb_userdata(conn->ssl, passwd); -+#endif /* >= 1.1.0f && !LibreSSL */ -+ /* Keep these for OpenSSL < 1.1.0f */ - SSL_CTX_set_default_passwd_cb(ssl_ctx, tls_passwd_cb); - SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, passwd); - -@@ -2886,6 +2895,9 @@ static int tls_connection_private_key(struct tls_data *data, - return -1; - } - ERR_clear_error(); -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) -+ SSL_set_default_passwd_cb(conn->ssl, NULL); -+#endif /* >= 1.1.0f && !LibreSSL */ - SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL); - os_free(passwd); - --- -cgit v0.12 - |