3 files changed, 28 insertions, 29 deletions
diff --git a/patches/netcat.c.patch b/patches/netcat.c.patch
index 7160d4c..7ba6b5f 100644
--- a/patches/netcat.c.patch
+++ b/patches/netcat.c.patch
@@ -1,5 +1,5 @@
--- apps/nc/netcat.c.orig       2017-07-07 00:10:09.009409624 +0900
+--- apps/nc/netcat.c.orig       Mon Jul 17 06:06:51 2017
-+++ apps/nc/netcat.c    2017-07-07 00:30:32.380088772 +0900
+++ apps/nc/netcat.c    Mon Jul 17 06:11:24 2017
 @@ -66,7 +66,9 @@
 #define POLL_NETIN     2
 #define POLL_STDOUT    3
@@ -10,7 +10,7 @@
 
 #define TLS_ALL        (1 << 1)
 #define TLS_NOVERIFY   (1 << 2)
-@@ -94,9 +96,13 @@ int  zflag;                                  /* Port Scan Flag */
+@@ -95,9 +97,13 @@
 int    Dflag;                                  /* sodebug */
 int    Iflag;                                  /* TCP receive buffer size */
 int    Oflag;                                  /* TCP send buffer size */
@@ -24,7 +24,7 @@
 
 int    usetls;                                 /* use TLS */
 char    *Cflag;                                        /* Public cert file */
-@@ -265,12 +271,14 @@ main(int argc, char *argv[])
+@@ -266,12 +272,14 @@
                case 'u':
                        uflag = 1;
                        break;
@@ -39,7 +39,7 @@
                case 'v':
                        vflag = 1;
                        break;
-@@ -317,9 +325,11 @@ main(int argc, char *argv[])
+@@ -318,9 +326,11 @@
                case 'o':
                        oflag = optarg;
                        break;
@@ -51,7 +51,7 @@
                case 'T':
                        errstr = NULL;
                        errno = 0;
-@@ -343,9 +353,11 @@ main(int argc, char *argv[])
+@@ -344,9 +354,11 @@
        argc -= optind;
        argv += optind;
 
@@ -63,7 +63,7 @@
 
        if (family == AF_UNIX) {
                if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1)
-@@ -888,7 +900,10 @@ int
+@@ -892,7 +904,10 @@
 remote_connect(const char *host, const char *port, struct addrinfo hints)
 {
        struct addrinfo *res, *res0;
@@ -75,7 +75,7 @@
 
        if ((error = getaddrinfo(host, port, &hints, &res0)))
                errx(1, "getaddrinfo for host \"%s\" port %s: %s", host,
-@@ -903,8 +918,10 @@ remote_connect(const char *host, const c
+@@ -907,8 +922,10 @@
                if (sflag || pflag) {
                        struct addrinfo ahints, *ares;
 
@@ -86,7 +86,7 @@
                        memset(&ahints, 0, sizeof(struct addrinfo));
                        ahints.ai_family = res->ai_family;
                        ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
-@@ -975,7 +992,10 @@ int
+@@ -979,7 +996,10 @@
 local_listen(char *host, char *port, struct addrinfo hints)
 {
        struct addrinfo *res, *res0;
@@ -98,7 +98,7 @@
        int error;
 
        /* Allow nodename to be null. */
-@@ -996,9 +1016,11 @@ local_listen(char *host, char *port, str
+@@ -1000,9 +1020,11 @@
                    res->ai_protocol)) < 0)
                        continue;
 
@@ -110,7 +110,7 @@
 
                set_common_sockopts(s, res->ai_family);
 
-@@ -1454,11 +1476,13 @@ set_common_sockopts(int s, int af)
+@@ -1458,11 +1480,13 @@
 {
        int x = 1;
 
@@ -124,7 +124,7 @@
        if (Dflag) {
                if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
                        &x, sizeof(x)) == -1)
-@@ -1469,9 +1493,16 @@ set_common_sockopts(int s, int af)
+@@ -1473,9 +1497,16 @@
                    IP_TOS, &Tflag, sizeof(Tflag)) == -1)
                        err(1, "set IP ToS");
 
@@ -141,7 +141,7 @@
        }
        if (Iflag) {
                if (setsockopt(s, SOL_SOCKET, SO_RCVBUF,
-@@ -1495,13 +1526,17 @@ set_common_sockopts(int s, int af)
+@@ -1499,13 +1530,17 @@
        }
 
        if (minttl != -1) {
@@ -160,7 +160,7 @@
        }
 }
 
-@@ -1709,14 +1744,22 @@ help(void)
+@@ -1714,14 +1749,22 @@
        \t-P proxyuser\tUsername for proxy authentication\n\
        \t-p port\t     Specify local port for remote connects\n\
        \t-R CAfile     CA bundle\n\
diff --git a/patches/tls_internal.h.patch b/patches/tls_internal.h.patch
index 0f50827..e82bf96 100644
--- a/patches/tls_internal.h.patch
+++ b/patches/tls_internal.h.patch
@@ -1,12 +1,12 @@
--- ./openbsd/src/lib/libtls/tls_internal.h     Thu Oct 15 16:12:24 2015
+--- tls/tls_internal.h.orig     Sun Jul  9 06:16:17 2017
-+++ ./tls/tls_internal.h        Sun Dec  6 20:18:17 2015
+++ tls/tls_internal.h  Mon Jul 17 06:10:01 2017
-@@ -24,7 +24,9 @@
+@@ -26,7 +26,9 @@
 
- #include <openssl/ssl.h>
+ __BEGIN_HIDDEN_DECLS
 
 +#ifndef _PATH_SSL_CA_FILE
 #define _PATH_SSL_CA_FILE "/etc/ssl/cert.pem"
 +#endif
 
- #define TLS_CIPHERS_COMPAT     "ALL:!aNULL:!eNULL"
 #define TLS_CIPHERS_DEFAULT    "TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE"
+ #define TLS_CIPHERS_COMPAT     "HIGH:!aNULL"
diff --git a/patches/windows_headers.patch b/patches/windows_headers.patch
index e8b4022..5d216fb 100644
--- a/patches/windows_headers.patch
+++ b/patches/windows_headers.patch
@@ -4,36 +4,35 @@ diff -u include/openssl.orig/dtls1.h include/openssl/dtls1.h
 @@ -60,7 +60,11 @@
 #ifndef HEADER_DTLS1_H
 #define HEADER_DTLS1_H
- 
 +#if defined(_WIN32)
 +#include <winsock2.h>
 +#else
 #include <sys/time.h>
 +#endif
- 
 #include <stdio.h>
 #include <stdlib.h>
-diff -u include/openssl.orig/opensslconf.h include/openssl/opensslconf.h
+--- include/openssl/opensslconf.h.orig  Sat Nov  5 08:36:25 2016
--- include/openssl.orig/opensslconf.h  Mon Dec  7 07:58:32 2015
+++ include/openssl/opensslconf.h       Mon Jul 17 06:06:58 2017
-+++ include/openssl/opensslconf.h       Mon Dec  7 07:56:14 2015
 @@ -1,6 +1,10 @@
 #include <openssl/opensslfeatures.h>
 /* crypto/opensslconf.h.in */
- 
 +#if defined(_MSC_VER) && !defined(__attribute__)
 +#define __attribute__(a)
 +#endif
 +
 #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
 #define OPENSSLDIR "/etc/ssl"
+ #endif
 diff -u include/openssl.orig/ossl_typ.h include/openssl/ossl_typ.h
 --- include/openssl.orig/ossl_typ.h     Mon Dec  7 07:58:32 2015
 +++ include/openssl/ossl_typ.h  Mon Dec  7 07:56:14 2015
 @@ -80,6 +80,22 @@
 typedef struct ASN1_ITEM_st ASN1_ITEM;
 typedef struct asn1_pctx_st ASN1_PCTX;
- 
 +#if defined(_WIN32) && defined(__WINCRYPT_H__)
 +#ifndef LIBRESSL_INTERNAL
 +#ifdef _MSC_VER
@@ -59,7 +58,7 @@ diff -u include/openssl.orig/pkcs7.h include/openssl/pkcs7.h
 @@ -69,6 +69,18 @@
 extern "C" {
 #endif
- 
 +#if defined(_WIN32) && defined(__WINCRYPT_H__)
 +#ifndef LIBRESSL_INTERNAL
 +#ifdef _MSC_VER
@@ -81,7 +80,7 @@ diff -u include/openssl.orig/x509.h include/openssl/x509.h
 @@ -112,6 +112,19 @@
 extern "C" {
 #endif
- 
 +#if defined(_WIN32)
 +#ifndef LIBRESSL_INTERNAL
 +#ifdef _MSC_VER

diff --git a/patches/netcat.c.patch b/patches/netcat.c.patch index 7160d4c..7ba6b5f 100644 --- a/patches/netcat.c.patch +++ b/patches/netcat.c.patch
@@ -1,5 +1,5 @@
1	--- apps/nc/netcat.c.orig 2017-07-07 00:10:09.009409624 +0900	1	--- apps/nc/netcat.c.orig Mon Jul 17 06:06:51 2017
2	+++ apps/nc/netcat.c 2017-07-07 00:30:32.380088772 +0900	2	+++ apps/nc/netcat.c Mon Jul 17 06:11:24 2017
3	@@ -66,7 +66,9 @@	3	@@ -66,7 +66,9 @@
4	#define POLL_NETIN 2	4	#define POLL_NETIN 2
5	#define POLL_STDOUT 3	5	#define POLL_STDOUT 3
@@ -10,7 +10,7 @@
10		10
11	#define TLS_ALL (1 << 1)	11	#define TLS_ALL (1 << 1)
12	#define TLS_NOVERIFY (1 << 2)	12	#define TLS_NOVERIFY (1 << 2)
13	@@ -94,9 +96,13 @@ int zflag; /* Port Scan Flag */	13	@@ -95,9 +97,13 @@
14	int Dflag; /* sodebug */	14	int Dflag; /* sodebug */
15	int Iflag; /* TCP receive buffer size */	15	int Iflag; /* TCP receive buffer size */
16	int Oflag; /* TCP send buffer size */	16	int Oflag; /* TCP send buffer size */
@@ -24,7 +24,7 @@
24		24
25	int usetls; /* use TLS */	25	int usetls; /* use TLS */
26	char Cflag; / Public cert file */	26	char Cflag; / Public cert file */
27	@@ -265,12 +271,14 @@ main(int argc, char *argv[])	27	@@ -266,12 +272,14 @@
28	case 'u':	28	case 'u':
29	uflag = 1;	29	uflag = 1;
30	break;	30	break;
@@ -39,7 +39,7 @@
39	case 'v':	39	case 'v':
40	vflag = 1;	40	vflag = 1;
41	break;	41	break;
42	@@ -317,9 +325,11 @@ main(int argc, char *argv[])	42	@@ -318,9 +326,11 @@
43	case 'o':	43	case 'o':
44	oflag = optarg;	44	oflag = optarg;
45	break;	45	break;
@@ -51,7 +51,7 @@
51	case 'T':	51	case 'T':
52	errstr = NULL;	52	errstr = NULL;
53	errno = 0;	53	errno = 0;
54	@@ -343,9 +353,11 @@ main(int argc, char *argv[])	54	@@ -344,9 +354,11 @@
55	argc -= optind;	55	argc -= optind;
56	argv += optind;	56	argv += optind;
57		57
@@ -63,7 +63,7 @@
63		63
64	if (family == AF_UNIX) {	64	if (family == AF_UNIX) {
65	if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1)	65	if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1)
66	@@ -888,7 +900,10 @@ int	66	@@ -892,7 +904,10 @@
67	remote_connect(const char host, const char port, struct addrinfo hints)	67	remote_connect(const char host, const char port, struct addrinfo hints)
68	{	68	{
69	struct addrinfo res, res0;	69	struct addrinfo res, res0;
@@ -75,7 +75,7 @@
75		75
76	if ((error = getaddrinfo(host, port, &hints, &res0)))	76	if ((error = getaddrinfo(host, port, &hints, &res0)))
77	errx(1, "getaddrinfo for host \"%s\" port %s: %s", host,	77	errx(1, "getaddrinfo for host \"%s\" port %s: %s", host,
78	@@ -903,8 +918,10 @@ remote_connect(const char *host, const c	78	@@ -907,8 +922,10 @@
79	if (sflag \|\| pflag) {	79	if (sflag \|\| pflag) {
80	struct addrinfo ahints, *ares;	80	struct addrinfo ahints, *ares;
81		81
@@ -86,7 +86,7 @@
86	memset(&ahints, 0, sizeof(struct addrinfo));	86	memset(&ahints, 0, sizeof(struct addrinfo));
87	ahints.ai_family = res->ai_family;	87	ahints.ai_family = res->ai_family;
88	ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;	88	ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
89	@@ -975,7 +992,10 @@ int	89	@@ -979,7 +996,10 @@
90	local_listen(char host, char port, struct addrinfo hints)	90	local_listen(char host, char port, struct addrinfo hints)
91	{	91	{
92	struct addrinfo res, res0;	92	struct addrinfo res, res0;
@@ -98,7 +98,7 @@
98	int error;	98	int error;
99		99
100	/* Allow nodename to be null. */	100	/* Allow nodename to be null. */
101	@@ -996,9 +1016,11 @@ local_listen(char host, char port, str	101	@@ -1000,9 +1020,11 @@
102	res->ai_protocol)) < 0)	102	res->ai_protocol)) < 0)
103	continue;	103	continue;
104		104
@@ -110,7 +110,7 @@
110		110
111	set_common_sockopts(s, res->ai_family);	111	set_common_sockopts(s, res->ai_family);
112		112
113	@@ -1454,11 +1476,13 @@ set_common_sockopts(int s, int af)	113	@@ -1458,11 +1480,13 @@
114	{	114	{
115	int x = 1;	115	int x = 1;
116		116
@@ -124,7 +124,7 @@
124	if (Dflag) {	124	if (Dflag) {
125	if (setsockopt(s, SOL_SOCKET, SO_DEBUG,	125	if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
126	&x, sizeof(x)) == -1)	126	&x, sizeof(x)) == -1)
127	@@ -1469,9 +1493,16 @@ set_common_sockopts(int s, int af)	127	@@ -1473,9 +1497,16 @@
128	IP_TOS, &Tflag, sizeof(Tflag)) == -1)	128	IP_TOS, &Tflag, sizeof(Tflag)) == -1)
129	err(1, "set IP ToS");	129	err(1, "set IP ToS");
130		130
@@ -141,7 +141,7 @@
141	}	141	}
142	if (Iflag) {	142	if (Iflag) {
143	if (setsockopt(s, SOL_SOCKET, SO_RCVBUF,	143	if (setsockopt(s, SOL_SOCKET, SO_RCVBUF,
144	@@ -1495,13 +1526,17 @@ set_common_sockopts(int s, int af)	144	@@ -1499,13 +1530,17 @@
145	}	145	}
146		146
147	if (minttl != -1) {	147	if (minttl != -1) {
@@ -160,7 +160,7 @@
160	}	160	}
161	}	161	}
162		162
163	@@ -1709,14 +1744,22 @@ help(void)	163	@@ -1714,14 +1749,22 @@
164	\t-P proxyuser\tUsername for proxy authentication\n\	164	\t-P proxyuser\tUsername for proxy authentication\n\
165	\t-p port\t Specify local port for remote connects\n\	165	\t-p port\t Specify local port for remote connects\n\
166	\t-R CAfile CA bundle\n\	166	\t-R CAfile CA bundle\n\


diff --git a/patches/tls_internal.h.patch b/patches/tls_internal.h.patch index 0f50827..e82bf96 100644 --- a/patches/tls_internal.h.patch +++ b/patches/tls_internal.h.patch
@@ -1,12 +1,12 @@
1	--- ./openbsd/src/lib/libtls/tls_internal.h Thu Oct 15 16:12:24 2015	1	--- tls/tls_internal.h.orig Sun Jul 9 06:16:17 2017
2	+++ ./tls/tls_internal.h Sun Dec 6 20:18:17 2015	2	+++ tls/tls_internal.h Mon Jul 17 06:10:01 2017
3	@@ -24,7 +24,9 @@	3	@@ -26,7 +26,9 @@
4		4
5	#include <openssl/ssl.h>	5	__BEGIN_HIDDEN_DECLS
6		6
7	+#ifndef _PATH_SSL_CA_FILE	7	+#ifndef _PATH_SSL_CA_FILE
8	#define _PATH_SSL_CA_FILE "/etc/ssl/cert.pem"	8	#define _PATH_SSL_CA_FILE "/etc/ssl/cert.pem"
9	+#endif	9	+#endif
10		10
11	#define TLS_CIPHERS_COMPAT "ALL:!aNULL:!eNULL"
12	#define TLS_CIPHERS_DEFAULT "TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE"	11	#define TLS_CIPHERS_DEFAULT "TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE"
		12	#define TLS_CIPHERS_COMPAT "HIGH:!aNULL"


diff --git a/patches/windows_headers.patch b/patches/windows_headers.patch index e8b4022..5d216fb 100644 --- a/patches/windows_headers.patch +++ b/patches/windows_headers.patch
@@ -4,36 +4,35 @@ diff -u include/openssl.orig/dtls1.h include/openssl/dtls1.h
4	@@ -60,7 +60,11 @@	4	@@ -60,7 +60,11 @@
5	#ifndef HEADER_DTLS1_H	5	#ifndef HEADER_DTLS1_H
6	#define HEADER_DTLS1_H	6	#define HEADER_DTLS1_H
7		7
8	+#if defined(_WIN32)	8	+#if defined(_WIN32)
9	+#include <winsock2.h>	9	+#include <winsock2.h>
10	+#else	10	+#else
11	#include <sys/time.h>	11	#include <sys/time.h>
12	+#endif	12	+#endif
13		13
14	#include <stdio.h>	14	#include <stdio.h>
15	#include <stdlib.h>	15	#include <stdlib.h>
16	diff -u include/openssl.orig/opensslconf.h include/openssl/opensslconf.h	16	--- include/openssl/opensslconf.h.orig Sat Nov 5 08:36:25 2016
17	--- include/openssl.orig/opensslconf.h Mon Dec 7 07:58:32 2015	17	+++ include/openssl/opensslconf.h Mon Jul 17 06:06:58 2017
18	+++ include/openssl/opensslconf.h Mon Dec 7 07:56:14 2015
19	@@ -1,6 +1,10 @@	18	@@ -1,6 +1,10 @@
20	#include <openssl/opensslfeatures.h>	19	#include <openssl/opensslfeatures.h>
21	/* crypto/opensslconf.h.in */	20	/* crypto/opensslconf.h.in */
22		21
23	+#if defined(_MSC_VER) && !defined(__attribute__)	22	+#if defined(_MSC_VER) && !defined(__attribute__)
24	+#define __attribute__(a)	23	+#define __attribute__(a)
25	+#endif	24	+#endif
26	+	25	+
27	#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)	26	#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
28	#define OPENSSLDIR "/etc/ssl"	27	#define OPENSSLDIR "/etc/ssl"
29		28	#endif
30	diff -u include/openssl.orig/ossl_typ.h include/openssl/ossl_typ.h	29	diff -u include/openssl.orig/ossl_typ.h include/openssl/ossl_typ.h
31	--- include/openssl.orig/ossl_typ.h Mon Dec 7 07:58:32 2015	30	--- include/openssl.orig/ossl_typ.h Mon Dec 7 07:58:32 2015
32	+++ include/openssl/ossl_typ.h Mon Dec 7 07:56:14 2015	31	+++ include/openssl/ossl_typ.h Mon Dec 7 07:56:14 2015
33	@@ -80,6 +80,22 @@	32	@@ -80,6 +80,22 @@
34	typedef struct ASN1_ITEM_st ASN1_ITEM;	33	typedef struct ASN1_ITEM_st ASN1_ITEM;
35	typedef struct asn1_pctx_st ASN1_PCTX;	34	typedef struct asn1_pctx_st ASN1_PCTX;
36		35
37	+#if defined(_WIN32) && defined(__WINCRYPT_H__)	36	+#if defined(_WIN32) && defined(__WINCRYPT_H__)
38	+#ifndef LIBRESSL_INTERNAL	37	+#ifndef LIBRESSL_INTERNAL
39	+#ifdef _MSC_VER	38	+#ifdef _MSC_VER
@@ -59,7 +58,7 @@ diff -u include/openssl.orig/pkcs7.h include/openssl/pkcs7.h
59	@@ -69,6 +69,18 @@	58	@@ -69,6 +69,18 @@
60	extern "C" {	59	extern "C" {
61	#endif	60	#endif
62		61
63	+#if defined(_WIN32) && defined(__WINCRYPT_H__)	62	+#if defined(_WIN32) && defined(__WINCRYPT_H__)
64	+#ifndef LIBRESSL_INTERNAL	63	+#ifndef LIBRESSL_INTERNAL
65	+#ifdef _MSC_VER	64	+#ifdef _MSC_VER
@@ -81,7 +80,7 @@ diff -u include/openssl.orig/x509.h include/openssl/x509.h
81	@@ -112,6 +112,19 @@	80	@@ -112,6 +112,19 @@
82	extern "C" {	81	extern "C" {
83	#endif	82	#endif
84		83
85	+#if defined(_WIN32)	84	+#if defined(_WIN32)
86	+#ifndef LIBRESSL_INTERNAL	85	+#ifndef LIBRESSL_INTERNAL
87	+#ifdef _MSC_VER	86	+#ifdef _MSC_VER