aboutsummaryrefslogtreecommitdiff
path: root/patches
diff options
context:
space:
mode:
Diffstat (limited to 'patches')
-rw-r--r--patches/aeadtest.c.patch10
-rw-r--r--patches/bio.h.patch18
-rw-r--r--patches/http.c.patch12
-rw-r--r--patches/netcat.c.patch72
-rw-r--r--patches/ocsp_test.c.patch8
-rw-r--r--patches/tls_internal.h.patch12
-rw-r--r--patches/tlsexttest.c.patch18
7 files changed, 57 insertions, 93 deletions
diff --git a/patches/aeadtest.c.patch b/patches/aeadtest.c.patch
index ce62107..a7b3fca 100644
--- a/patches/aeadtest.c.patch
+++ b/patches/aeadtest.c.patch
@@ -1,9 +1,9 @@
1--- tests/aeadtest.c.orig 2016-10-18 17:03:33.845870889 +0900 1--- tests/aeadtest.c.orig 2018-07-24 21:59:17.000000000 -0500
2+++ tests/aeadtest.c 2016-10-18 17:11:19.880841283 +0900 2+++ tests/aeadtest.c 2018-11-07 18:44:43.000000000 -0600
3@@ -75,6 +75,12 @@ 3@@ -76,6 +76,12 @@
4 4
5 #define BUF_MAX 1024 5 #define BUF_MAX 1024
6 6
7+#ifdef _MSC_VER 7+#ifdef _MSC_VER
8+#ifdef IN 8+#ifdef IN
9+#undef IN 9+#undef IN
diff --git a/patches/bio.h.patch b/patches/bio.h.patch
index 7212b54..e726e20 100644
--- a/patches/bio.h.patch
+++ b/patches/bio.h.patch
@@ -1,12 +1,12 @@
1--- include/openssl/bio.h.orig Mon Oct 3 06:09:28 2016 1--- include/openssl/bio.h.orig 2018-07-24 21:59:17.000000000 -0500
2+++ include/openssl/bio.h Sun Nov 6 04:24:57 2016 2+++ include/openssl/bio.h 2018-11-07 18:44:43.000000000 -0600
3@@ -678,8 +678,24 @@ 3@@ -713,6 +713,22 @@
4 4
5 /*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/ 5 /*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/
6 6
7+#ifdef __MINGW_PRINTF_FORMAT 7+#ifdef __MINGW_PRINTF_FORMAT
8 int 8+int
9 BIO_printf(BIO *bio, const char *format, ...) 9+BIO_printf(BIO *bio, const char *format, ...)
10+ __attribute__((__format__(__MINGW_PRINTF_FORMAT, 2, 3), __nonnull__(2))); 10+ __attribute__((__format__(__MINGW_PRINTF_FORMAT, 2, 3), __nonnull__(2)));
11+int 11+int
12+BIO_vprintf(BIO *bio, const char *format, va_list args) 12+BIO_vprintf(BIO *bio, const char *format, va_list args)
@@ -20,12 +20,10 @@
20+ __attribute__((__deprecated__, __format__(__MINGW_PRINTF_FORMAT, 3, 0), 20+ __attribute__((__deprecated__, __format__(__MINGW_PRINTF_FORMAT, 3, 0),
21+ __nonnull__(3))); 21+ __nonnull__(3)));
22+#else 22+#else
23+int
24+BIO_printf(BIO *bio, const char *format, ...)
25 __attribute__((__format__(__printf__, 2, 3), __nonnull__(2)));
26 int 23 int
27 BIO_vprintf(BIO *bio, const char *format, va_list args) 24 BIO_printf(BIO *bio, const char *format, ...)
28@@ -692,6 +708,8 @@ 25 __attribute__((__format__(__printf__, 2, 3), __nonnull__(2)));
26@@ -727,6 +743,8 @@
29 BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) 27 BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
30 __attribute__((__deprecated__, __format__(__printf__, 3, 0), 28 __attribute__((__deprecated__, __format__(__printf__, 3, 0),
31 __nonnull__(3))); 29 __nonnull__(3)));
diff --git a/patches/http.c.patch b/patches/http.c.patch
deleted file mode 100644
index 0e620cf..0000000
--- a/patches/http.c.patch
+++ /dev/null
@@ -1,12 +0,0 @@
1--- apps/ocspcheck/http.c.orig Sun Jun 4 00:45:29 2017
2+++ apps/ocspcheck/http.c Sun Jun 4 00:45:57 2017
3@@ -35,7 +35,9 @@
4 #include "http.h"
5 #include <tls.h>
6
7+#ifndef DEFAULT_CA_FILE
8 #define DEFAULT_CA_FILE "/etc/ssl/cert.pem"
9+#endif
10
11 /*
12 * A buffer for transferring HTTP/S data.
diff --git a/patches/netcat.c.patch b/patches/netcat.c.patch
index 35f88db..07205ec 100644
--- a/patches/netcat.c.patch
+++ b/patches/netcat.c.patch
@@ -1,16 +1,6 @@
1--- apps/nc/netcat.c.orig Mon Jul 17 06:06:51 2017 1--- apps/nc/netcat.c.orig 2018-11-07 17:01:38.000000000 -0600
2+++ apps/nc/netcat.c Mon Jul 17 06:11:24 2017 2+++ apps/nc/netcat.c 2018-11-07 17:37:57.000000000 -0600
3@@ -66,7 +66,9 @@ 3@@ -92,9 +92,13 @@
4 #define POLL_NETIN 2
5 #define POLL_STDOUT 3
6 #define BUFSIZE 16384
7+#ifndef DEFAULT_CA_FILE
8 #define DEFAULT_CA_FILE "/etc/ssl/cert.pem"
9+#endif
10
11 #define TLS_ALL (1 << 1)
12 #define TLS_NOVERIFY (1 << 2)
13@@ -95,9 +97,13 @@
14 int Dflag; /* sodebug */ 4 int Dflag; /* sodebug */
15 int Iflag; /* TCP receive buffer size */ 5 int Iflag; /* TCP receive buffer size */
16 int Oflag; /* TCP send buffer size */ 6 int Oflag; /* TCP send buffer size */
@@ -21,10 +11,10 @@
21+#ifdef SO_RTABLE 11+#ifdef SO_RTABLE
22 int rtableid = -1; 12 int rtableid = -1;
23+#endif 13+#endif
24 14
25 int usetls; /* use TLS */ 15 int usetls; /* use TLS */
26 char *Cflag; /* Public cert file */ 16 char *Cflag; /* Public cert file */
27@@ -266,12 +272,14 @@ 17@@ -266,12 +270,14 @@
28 case 'u': 18 case 'u':
29 uflag = 1; 19 uflag = 1;
30 break; 20 break;
@@ -39,7 +29,7 @@
39 case 'v': 29 case 'v':
40 vflag = 1; 30 vflag = 1;
41 break; 31 break;
42@@ -318,9 +326,11 @@ 32@@ -318,9 +324,11 @@
43 case 'o': 33 case 'o':
44 oflag = optarg; 34 oflag = optarg;
45 break; 35 break;
@@ -51,19 +41,19 @@
51 case 'T': 41 case 'T':
52 errstr = NULL; 42 errstr = NULL;
53 errno = 0; 43 errno = 0;
54@@ -344,9 +354,11 @@ 44@@ -344,9 +352,11 @@
55 argc -= optind; 45 argc -= optind;
56 argv += optind; 46 argv += optind;
57 47
58+#ifdef SO_RTABLE 48+#ifdef SO_RTABLE
59 if (rtableid >= 0) 49 if (rtableid >= 0)
60 if (setrtable(rtableid) == -1) 50 if (setrtable(rtableid) == -1)
61 err(1, "setrtable"); 51 err(1, "setrtable");
62+#endif 52+#endif
63 53
64 if (family == AF_UNIX) { 54 /* Cruft to make sure options are clean, and used properly. */
65 if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1) 55 if (argv[0] && !argv[1] && family == AF_UNIX) {
66@@ -892,7 +904,10 @@ 56@@ -909,7 +919,10 @@
67 remote_connect(const char *host, const char *port, struct addrinfo hints) 57 remote_connect(const char *host, const char *port, struct addrinfo hints)
68 { 58 {
69 struct addrinfo *res, *res0; 59 struct addrinfo *res, *res0;
@@ -72,13 +62,13 @@
72+#ifdef SO_BINDANY 62+#ifdef SO_BINDANY
73+ int on = 1; 63+ int on = 1;
74+#endif 64+#endif
75 65
76 if ((error = getaddrinfo(host, port, &hints, &res0))) 66 if ((error = getaddrinfo(host, port, &hints, &res0)))
77 errx(1, "getaddrinfo for host \"%s\" port %s: %s", host, 67 errx(1, "getaddrinfo for host \"%s\" port %s: %s", host,
78@@ -907,8 +922,10 @@ 68@@ -924,8 +937,10 @@
79 if (sflag || pflag) { 69 if (sflag || pflag) {
80 struct addrinfo ahints, *ares; 70 struct addrinfo ahints, *ares;
81 71
82+#ifdef SO_BINDANY 72+#ifdef SO_BINDANY
83 /* try SO_BINDANY, but don't insist */ 73 /* try SO_BINDANY, but don't insist */
84 setsockopt(s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on)); 74 setsockopt(s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on));
@@ -86,8 +76,8 @@
86 memset(&ahints, 0, sizeof(struct addrinfo)); 76 memset(&ahints, 0, sizeof(struct addrinfo));
87 ahints.ai_family = res->ai_family; 77 ahints.ai_family = res->ai_family;
88 ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; 78 ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
89@@ -979,7 +996,10 @@ 79@@ -996,7 +1011,10 @@
90 local_listen(char *host, char *port, struct addrinfo hints) 80 local_listen(const char *host, const char *port, struct addrinfo hints)
91 { 81 {
92 struct addrinfo *res, *res0; 82 struct addrinfo *res, *res0;
93- int s = -1, ret, x = 1, save_errno; 83- int s = -1, ret, x = 1, save_errno;
@@ -96,24 +86,24 @@
96+ int ret, x = 1; 86+ int ret, x = 1;
97+#endif 87+#endif
98 int error; 88 int error;
99 89
100 /* Allow nodename to be null. */ 90 /* Allow nodename to be null. */
101@@ -1000,9 +1020,11 @@ 91@@ -1017,9 +1035,11 @@
102 res->ai_protocol)) < 0) 92 res->ai_protocol)) < 0)
103 continue; 93 continue;
104 94
105+#ifdef SO_REUSEPORT 95+#ifdef SO_REUSEPORT
106 ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x)); 96 ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
107 if (ret == -1) 97 if (ret == -1)
108 err(1, NULL); 98 err(1, NULL);
109+#endif 99+#endif
110 100
111 set_common_sockopts(s, res->ai_family); 101 set_common_sockopts(s, res->ai_family);
112 102
113@@ -1458,11 +1480,13 @@ 103@@ -1475,11 +1495,13 @@
114 { 104 {
115 int x = 1; 105 int x = 1;
116 106
117+#ifdef TCP_MD5SIG 107+#ifdef TCP_MD5SIG
118 if (Sflag) { 108 if (Sflag) {
119 if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG, 109 if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
@@ -124,10 +114,10 @@
124 if (Dflag) { 114 if (Dflag) {
125 if (setsockopt(s, SOL_SOCKET, SO_DEBUG, 115 if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
126 &x, sizeof(x)) == -1) 116 &x, sizeof(x)) == -1)
127@@ -1473,9 +1497,16 @@ 117@@ -1490,9 +1512,16 @@
128 IP_TOS, &Tflag, sizeof(Tflag)) == -1) 118 IP_TOS, &Tflag, sizeof(Tflag)) == -1)
129 err(1, "set IP ToS"); 119 err(1, "set IP ToS");
130 120
131+#ifdef IPV6_TCLASS 121+#ifdef IPV6_TCLASS
132 else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6, 122 else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
133 IPV6_TCLASS, &Tflag, sizeof(Tflag)) == -1) 123 IPV6_TCLASS, &Tflag, sizeof(Tflag)) == -1)
@@ -141,16 +131,16 @@
141 } 131 }
142 if (Iflag) { 132 if (Iflag) {
143 if (setsockopt(s, SOL_SOCKET, SO_RCVBUF, 133 if (setsockopt(s, SOL_SOCKET, SO_RCVBUF,
144@@ -1499,13 +1530,17 @@ 134@@ -1516,13 +1545,17 @@
145 } 135 }
146 136
147 if (minttl != -1) { 137 if (minttl != -1) {
148+#ifdef IP_MINTTL 138+#ifdef IP_MINTTL
149 if (af == AF_INET && setsockopt(s, IPPROTO_IP, 139 if (af == AF_INET && setsockopt(s, IPPROTO_IP,
150 IP_MINTTL, &minttl, sizeof(minttl))) 140 IP_MINTTL, &minttl, sizeof(minttl)))
151 err(1, "set IP min TTL"); 141 err(1, "set IP min TTL");
152+#endif 142+#endif
153 143
154- else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6, 144- else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
155+#ifdef IPV6_MINHOPCOUNT 145+#ifdef IPV6_MINHOPCOUNT
156+ if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6, 146+ if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
@@ -159,8 +149,8 @@
159+#endif 149+#endif
160 } 150 }
161 } 151 }
162 152
163@@ -1714,14 +1749,22 @@ 153@@ -1748,14 +1781,22 @@
164 \t-P proxyuser\tUsername for proxy authentication\n\ 154 \t-P proxyuser\tUsername for proxy authentication\n\
165 \t-p port\t Specify local port for remote connects\n\ 155 \t-p port\t Specify local port for remote connects\n\
166 \t-R CAfile CA bundle\n\ 156 \t-R CAfile CA bundle\n\
diff --git a/patches/ocsp_test.c.patch b/patches/ocsp_test.c.patch
index aa427db..39f1326 100644
--- a/patches/ocsp_test.c.patch
+++ b/patches/ocsp_test.c.patch
@@ -1,9 +1,9 @@
1--- tests/ocsp_test.c.orig 2016-10-18 18:12:39.854607509 +0900 1--- tests/ocsp_test.c.orig 2018-07-24 21:59:17.000000000 -0500
2+++ tests/ocsp_test.c 2016-10-18 18:14:29.261600559 +0900 2+++ tests/ocsp_test.c 2018-11-07 18:44:43.000000000 -0600
3@@ -16,6 +16,11 @@ 3@@ -35,6 +35,11 @@
4 hints.ai_family = AF_INET; 4 hints.ai_family = AF_INET;
5 hints.ai_socktype = SOCK_STREAM; 5 hints.ai_socktype = SOCK_STREAM;
6 6
7+#ifdef _MSC_VER 7+#ifdef _MSC_VER
8+ if (BIO_sock_init() != 1) 8+ if (BIO_sock_init() != 1)
9+ exit(-1); 9+ exit(-1);
diff --git a/patches/tls_internal.h.patch b/patches/tls_internal.h.patch
deleted file mode 100644
index e82bf96..0000000
--- a/patches/tls_internal.h.patch
+++ /dev/null
@@ -1,12 +0,0 @@
1--- tls/tls_internal.h.orig Sun Jul 9 06:16:17 2017
2+++ tls/tls_internal.h Mon Jul 17 06:10:01 2017
3@@ -26,7 +26,9 @@
4
5 __BEGIN_HIDDEN_DECLS
6
7+#ifndef _PATH_SSL_CA_FILE
8 #define _PATH_SSL_CA_FILE "/etc/ssl/cert.pem"
9+#endif
10
11 #define TLS_CIPHERS_DEFAULT "TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE"
12 #define TLS_CIPHERS_COMPAT "HIGH:!aNULL"
diff --git a/patches/tlsexttest.c.patch b/patches/tlsexttest.c.patch
index 981fc95..cdec053 100644
--- a/patches/tlsexttest.c.patch
+++ b/patches/tlsexttest.c.patch
@@ -1,6 +1,6 @@
1--- tests/tlsexttest.c.orig 2017-12-30 20:03:09.279079726 +0900 1--- tests/tlsexttest.c.orig Wed Nov 7 20:01:26 2018
2+++ tests/tlsexttest.c 2017-12-30 20:07:21.849939140 +0900 2+++ tests/tlsexttest.c Wed Nov 7 20:01:35 2018
3@@ -1676,7 +1676,9 @@ static unsigned char tlsext_sni_clienthe 3@@ -1676,7 +1676,9 @@
4 }; 4 };
5 5
6 static unsigned char tlsext_sni_serverhello[] = { 6 static unsigned char tlsext_sni_serverhello[] = {
@@ -10,7 +10,7 @@
10 10
11 static int 11 static int
12 test_tlsext_sni_clienthello(void) 12 test_tlsext_sni_clienthello(void)
13@@ -1839,9 +1841,9 @@ test_tlsext_sni_serverhello(void) 13@@ -1839,9 +1841,9 @@
14 if (!CBB_finish(&cbb, &data, &dlen)) 14 if (!CBB_finish(&cbb, &data, &dlen))
15 errx(1, "failed to finish CBB"); 15 errx(1, "failed to finish CBB");
16 16
@@ -22,7 +22,7 @@
22 goto err; 22 goto err;
23 } 23 }
24 24
25@@ -1850,14 +1852,14 @@ test_tlsext_sni_serverhello(void) 25@@ -1850,14 +1852,14 @@
26 fprintf(stderr, "received:\n"); 26 fprintf(stderr, "received:\n");
27 hexdump(data, dlen); 27 hexdump(data, dlen);
28 fprintf(stderr, "test data:\n"); 28 fprintf(stderr, "test data:\n");
@@ -39,7 +39,7 @@
39 if (!tlsext_sni_serverhello_parse(ssl, &cbs, &alert)) { 39 if (!tlsext_sni_serverhello_parse(ssl, &cbs, &alert)) {
40 FAIL("failed to parse serverhello SNI\n"); 40 FAIL("failed to parse serverhello SNI\n");
41 goto err; 41 goto err;
42@@ -2741,7 +2743,10 @@ unsigned char tlsext_clienthello_default 42@@ -2741,7 +2743,10 @@
43 0x03, 0x01, 0x03, 0x03, 0x02, 0x01, 0x02, 0x03, 43 0x03, 0x01, 0x03, 0x03, 0x02, 0x01, 0x02, 0x03,
44 }; 44 };
45 45
@@ -51,7 +51,7 @@
51 51
52 static int 52 static int
53 test_tlsext_clienthello_build(void) 53 test_tlsext_clienthello_build(void)
54@@ -2806,18 +2811,18 @@ test_tlsext_clienthello_build(void) 54@@ -2806,18 +2811,18 @@
55 if (!CBB_finish(&cbb, &data, &dlen)) 55 if (!CBB_finish(&cbb, &data, &dlen))
56 errx(1, "failed to finish CBB"); 56 errx(1, "failed to finish CBB");
57 57
@@ -74,7 +74,7 @@
74 goto err; 74 goto err;
75 } 75 }
76 76
77@@ -2832,7 +2837,10 @@ test_tlsext_clienthello_build(void) 77@@ -2832,7 +2837,10 @@
78 return (failure); 78 return (failure);
79 } 79 }
80 80
@@ -86,7 +86,7 @@
86 86
87 unsigned char tlsext_serverhello_enabled[] = { 87 unsigned char tlsext_serverhello_enabled[] = {
88 0x00, 0x13, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 88 0x00, 0x13, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00,
89@@ -2872,18 +2880,18 @@ test_tlsext_serverhello_build(void) 89@@ -2872,18 +2880,18 @@
90 if (!CBB_finish(&cbb, &data, &dlen)) 90 if (!CBB_finish(&cbb, &data, &dlen))
91 errx(1, "failed to finish CBB"); 91 errx(1, "failed to finish CBB");
92 92
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-15 15:40:48 +0000