1 |
commit: b03eb00c0d027efc945c09fdf73dca25477a7cf8 |
2 |
Author: Agostino Sarubbo <ago <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Nov 1 19:57:32 2019 +0000 |
4 |
Commit: Agostino Sarubbo <ago <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Nov 1 19:57:32 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b03eb00c |
7 |
|
8 |
net-analyzer/ettercap: remove old |
9 |
|
10 |
Package-Manager: Portage-2.3.76, Repoman-2.3.16 |
11 |
Signed-off-by: Agostino Sarubbo <ago <AT> gentoo.org> |
12 |
|
13 |
net-analyzer/ettercap/Manifest | 1 - |
14 |
net-analyzer/ettercap/ettercap-0.8.2-r2.ebuild | 73 ------ |
15 |
net-analyzer/ettercap/files/cve-2017-6430.patch | 68 ------ |
16 |
.../files/ettercap-0.8.2-openssl-1.1.patch | 254 --------------------- |
17 |
4 files changed, 396 deletions(-) |
18 |
|
19 |
diff --git a/net-analyzer/ettercap/Manifest b/net-analyzer/ettercap/Manifest |
20 |
index dccca758f86..fb40201464a 100644 |
21 |
--- a/net-analyzer/ettercap/Manifest |
22 |
+++ b/net-analyzer/ettercap/Manifest |
23 |
@@ -1,2 +1 @@ |
24 |
-DIST ettercap-0.8.2.tar.gz 8082561 BLAKE2B 851df0a8700de45ce0e3427f7fdbdcd13feb2f75c0d1136563449db634b1f02276bade0d82a1a51bf8de726d6faddf05ff537e397c2e56cfc3e3181d25566fe9 SHA512 18137b1cc518c9db3c9650157a5cbf09dbb665b79876a24875d6c5125e8923ebde543464adb61cf1d1244101242f4d66b80d94ef3b36aa265cefca7646aa6415 |
25 |
DIST ettercap-0.8.3.tar.gz 8381943 BLAKE2B f49098d61f60877d3f979d7861f36dad6ec3fbfca7ed89d8f9826867145ea36daec65a1076c893f81391218688448515ef020a9cdf9a16ffddc830bacec8eb1c SHA512 1929c986d3a17ebc693ffe8531e01c66379c0ee6ea71305ea49b6a9eece84b6da1923135311db458bdb6035feb593e525786e6cf4c465ced5a7683384d4a4ae7 |
26 |
|
27 |
diff --git a/net-analyzer/ettercap/ettercap-0.8.2-r2.ebuild b/net-analyzer/ettercap/ettercap-0.8.2-r2.ebuild |
28 |
deleted file mode 100644 |
29 |
index ae48afb1a7e..00000000000 |
30 |
--- a/net-analyzer/ettercap/ettercap-0.8.2-r2.ebuild |
31 |
+++ /dev/null |
32 |
@@ -1,73 +0,0 @@ |
33 |
-# Copyright 1999-2019 Gentoo Authors |
34 |
-# Distributed under the terms of the GNU General Public License v2 |
35 |
- |
36 |
-EAPI=6 |
37 |
- |
38 |
-inherit cmake-utils |
39 |
- |
40 |
-DESCRIPTION="A suite for man in the middle attacks" |
41 |
-HOMEPAGE="https://github.com/Ettercap/ettercap" |
42 |
- |
43 |
-LICENSE="GPL-2+" |
44 |
-SLOT="0" |
45 |
- |
46 |
-if [[ ${PV} == "9999" ]] ; then |
47 |
- inherit git-r3 |
48 |
- EGIT_REPO_URI="https://github.com/Ettercap/${PN}.git" |
49 |
-else |
50 |
- SRC_URI="https://github.com/Ettercap/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" #mirror does not work |
51 |
- KEYWORDS="~alpha amd64 arm ppc ppc64 sparc x86" |
52 |
-fi |
53 |
- |
54 |
-IUSE="doc gtk ipv6 libressl ncurses +plugins test" |
55 |
- |
56 |
-RDEPEND="dev-libs/libbsd |
57 |
- dev-libs/libpcre |
58 |
- !libressl? ( dev-libs/openssl:0= ) |
59 |
- libressl? ( dev-libs/libressl:0= ) |
60 |
- net-libs/libnet:1.1 |
61 |
- >=net-libs/libpcap-0.8.1 |
62 |
- sys-libs/zlib |
63 |
- gtk? ( |
64 |
- >=dev-libs/atk-1.2.4 |
65 |
- >=dev-libs/glib-2.2.2:2 |
66 |
- media-libs/freetype |
67 |
- x11-libs/cairo |
68 |
- x11-libs/gdk-pixbuf:2 |
69 |
- >=x11-libs/gtk+-2.2.2:2 |
70 |
- >=x11-libs/pango-1.2.3 |
71 |
- ) |
72 |
- ncurses? ( >=sys-libs/ncurses-5.3:= ) |
73 |
- plugins? ( >=net-misc/curl-7.26.0 )" |
74 |
-DEPEND="${RDEPEND} |
75 |
- doc? ( app-text/ghostscript-gpl |
76 |
- sys-apps/groff ) |
77 |
- test? ( dev-libs/check ) |
78 |
- sys-devel/flex |
79 |
- virtual/yacc" |
80 |
-PATCHES=( |
81 |
- "${FILESDIR}"/cve-2017-6430.patch |
82 |
- "${FILESDIR}"/${P}-openssl-1.1.patch |
83 |
-) |
84 |
- |
85 |
-src_prepare() { |
86 |
- sed -i "s:Release:Release Gentoo:" CMakeLists.txt || die |
87 |
- cmake-utils_src_prepare |
88 |
-} |
89 |
- |
90 |
-src_configure() { |
91 |
- local mycmakeargs=( |
92 |
- -DENABLE_CURSES="$(usex ncurses)" |
93 |
- -DENABLE_GTK="$(usex gtk)" |
94 |
- -DENABLE_PLUGINS="$(usex plugins)" |
95 |
- -DENABLE_IPV6="$(usex ipv6)" |
96 |
- -DENABLE_TESTS="$(usex test)" |
97 |
- -DENABLE_PDF_DOCS="$(usex doc)" |
98 |
- -DBUNDLED_LIBS=OFF |
99 |
- -DSYSTEM_LIBS=ON |
100 |
- -DINSTALL_SYSCONFDIR="${EROOT}"etc |
101 |
- ) |
102 |
- #right now we only support gtk2, but ettercap also supports gtk3 |
103 |
- #do we care? do we want to support both? |
104 |
- cmake-utils_src_configure |
105 |
-} |
106 |
|
107 |
diff --git a/net-analyzer/ettercap/files/cve-2017-6430.patch b/net-analyzer/ettercap/files/cve-2017-6430.patch |
108 |
deleted file mode 100644 |
109 |
index 67483dcc024..00000000000 |
110 |
--- a/net-analyzer/ettercap/files/cve-2017-6430.patch |
111 |
+++ /dev/null |
112 |
@@ -1,68 +0,0 @@ |
113 |
-From 4ad7f85dc01202e363659aa473c99470b3f4e1f4 Mon Sep 17 00:00:00 2001 |
114 |
-From: Gianfranco Costamagna <costamagnagianfranco@×××××.it> |
115 |
-Date: Tue, 7 Mar 2017 22:05:31 +0100 |
116 |
-Subject: [PATCH] Fix issue #782 |
117 |
- |
118 |
---- |
119 |
- utils/etterfilter/ef_compiler.c | 4 +++- |
120 |
- utils/etterfilter/ef_main.c | 10 +++++++--- |
121 |
- utils/etterfilter/ef_output.c | 3 +++ |
122 |
- 3 files changed, 13 insertions(+), 4 deletions(-) |
123 |
- |
124 |
-diff --git a/utils/etterfilter/ef_compiler.c b/utils/etterfilter/ef_compiler.c |
125 |
-index db876636e..ddb73bd30 100644 |
126 |
---- a/utils/etterfilter/ef_compiler.c |
127 |
-+++ b/utils/etterfilter/ef_compiler.c |
128 |
-@@ -239,7 +239,9 @@ size_t compile_tree(struct filter_op **fop) |
129 |
- struct filter_op *array = NULL; |
130 |
- struct unfold_elm *ue; |
131 |
- |
132 |
-- BUG_IF(tree_root == NULL); |
133 |
-+ // invalid file |
134 |
-+ if (tree_root == NULL) |
135 |
-+ return 0; |
136 |
- |
137 |
- fprintf(stdout, " Unfolding the meta-tree "); |
138 |
- fflush(stdout); |
139 |
-diff --git a/utils/etterfilter/ef_main.c b/utils/etterfilter/ef_main.c |
140 |
-index ae4591344..431084b91 100644 |
141 |
---- a/utils/etterfilter/ef_main.c |
142 |
-+++ b/utils/etterfilter/ef_main.c |
143 |
-@@ -39,7 +39,7 @@ struct globals *gbls; |
144 |
- |
145 |
- int main(int argc, char *argv[]) |
146 |
- { |
147 |
-- |
148 |
-+ int ret_value = 0; |
149 |
- globals_alloc(); |
150 |
- /* etterfilter copyright */ |
151 |
- fprintf(stdout, "\n" EC_COLOR_BOLD "%s %s" EC_COLOR_END " copyright %s %s\n\n", |
152 |
-@@ -84,8 +84,12 @@ int main(int argc, char *argv[]) |
153 |
- fprintf(stdout, "\n\nThe script contains errors...\n\n"); |
154 |
- |
155 |
- /* write to file */ |
156 |
-- if (write_output() != E_SUCCESS) |
157 |
-- FATAL_ERROR("Cannot write output file (%s)", GBL_OPTIONS->output_file); |
158 |
-+ ret_value = write_output(); |
159 |
-+ if (ret_value == -E_NOTHANDLED) |
160 |
-+ FATAL_ERROR("Cannot write output file (%s): the filter is not correctly handled.", GBL_OPTIONS->output_file); |
161 |
-+ else if (ret_value == -E_INVALID) |
162 |
-+ FATAL_ERROR("Cannot write output file (%s): the filter format is not correct. ", GBL_OPTIONS->output_file); |
163 |
-+ |
164 |
- globals_free(); |
165 |
- return 0; |
166 |
- } |
167 |
-diff --git a/utils/etterfilter/ef_output.c b/utils/etterfilter/ef_output.c |
168 |
-index 5ae591904..fcf19f010 100644 |
169 |
---- a/utils/etterfilter/ef_output.c |
170 |
-+++ b/utils/etterfilter/ef_output.c |
171 |
-@@ -51,6 +51,9 @@ int write_output(void) |
172 |
- if (fop == NULL) |
173 |
- return -E_NOTHANDLED; |
174 |
- |
175 |
-+ if (ninst == 0) |
176 |
-+ return -E_INVALID; |
177 |
-+ |
178 |
- /* create the file */ |
179 |
- fd = open(GBL_OPTIONS->output_file, O_CREAT | O_RDWR | O_TRUNC | O_BINARY, 0644); |
180 |
- ON_ERROR(fd, -1, "Can't create file %s", GBL_OPTIONS->output_file); |
181 |
|
182 |
diff --git a/net-analyzer/ettercap/files/ettercap-0.8.2-openssl-1.1.patch b/net-analyzer/ettercap/files/ettercap-0.8.2-openssl-1.1.patch |
183 |
deleted file mode 100644 |
184 |
index b7703d3ef5c..00000000000 |
185 |
--- a/net-analyzer/ettercap/files/ettercap-0.8.2-openssl-1.1.patch |
186 |
+++ /dev/null |
187 |
@@ -1,254 +0,0 @@ |
188 |
-From f0d63b27c82df2ad5f7ada6310727d841b43fbcc Mon Sep 17 00:00:00 2001 |
189 |
-From: Gianfranco Costamagna <costamagnagianfranco@×××××.it> |
190 |
-Date: Mon, 27 Jun 2016 12:41:33 +0200 |
191 |
-Subject: [PATCH 1/2] First draft of openssl 1.1 compatibility layer (from |
192 |
- https://github.com/curl/curl/commit/cfe16c22d7891a1f65ea8cd4c5352504a2afbddc) |
193 |
- Closes: #739 |
194 |
- |
195 |
---- |
196 |
- src/dissectors/ec_ssh.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++++- |
197 |
- src/ec_sslwrap.c | 14 ++++++++ |
198 |
- 2 files changed, 106 insertions(+), 1 deletion(-) |
199 |
- |
200 |
-Index: ettercap-0.8.2/src/dissectors/ec_ssh.c |
201 |
-=================================================================== |
202 |
---- ettercap-0.8.2.orig/src/dissectors/ec_ssh.c |
203 |
-+++ ettercap-0.8.2/src/dissectors/ec_ssh.c |
204 |
-@@ -36,6 +36,10 @@ |
205 |
- #include <openssl/md5.h> |
206 |
- #include <zlib.h> |
207 |
- |
208 |
-+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) |
209 |
-+#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */ |
210 |
-+#endif |
211 |
-+ |
212 |
- #define SMSG_PUBLIC_KEY 2 |
213 |
- #define CMSG_SESSION_KEY 3 |
214 |
- #define CMSG_USER 4 |
215 |
-@@ -138,6 +142,11 @@ |
216 |
- char tmp[MAX_ASCII_ADDR_LEN]; |
217 |
- u_int32 ssh_len, ssh_mod; |
218 |
- u_char ssh_packet_type, *ptr, *key_to_put; |
219 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
220 |
-+ BIGNUM *h_n, *s_n, *m_h_n, *m_s_n; |
221 |
-+ BIGNUM *h_e, *s_e, *m_h_e, *m_s_e; |
222 |
-+ BIGNUM *h_d, *s_d, *m_h_d, *m_s_d; |
223 |
-+#endif |
224 |
- |
225 |
- /* don't complain about unused var */ |
226 |
- (void) DECODE_DATA; |
227 |
-@@ -383,12 +392,25 @@ |
228 |
- if (session_data->ptrkey == NULL) { |
229 |
- /* Initialize RSA key structures (other fileds are set to 0) */ |
230 |
- session_data->serverkey = RSA_new(); |
231 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
232 |
-+ s_n = BN_new(); |
233 |
-+ s_e = BN_new(); |
234 |
-+ RSA_set0_key(session_data->serverkey, s_n, s_e, s_d); |
235 |
-+#else |
236 |
- session_data->serverkey->n = BN_new(); |
237 |
- session_data->serverkey->e = BN_new(); |
238 |
-+#endif |
239 |
- |
240 |
- session_data->hostkey = RSA_new(); |
241 |
-+ |
242 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
243 |
-+ h_n = BN_new(); |
244 |
-+ h_e = BN_new(); |
245 |
-+ RSA_set0_key(session_data->hostkey, h_n, h_e, h_d); |
246 |
-+#else |
247 |
- session_data->hostkey->n = BN_new(); |
248 |
- session_data->hostkey->e = BN_new(); |
249 |
-+#endif |
250 |
- |
251 |
- /* Get the RSA Key from the packet */ |
252 |
- NS_GET32(server_mod,ptr); |
253 |
-@@ -396,19 +418,37 @@ |
254 |
- DEBUG_MSG("Dissector_ssh Bougs Server_Mod"); |
255 |
- return NULL; |
256 |
- } |
257 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
258 |
-+ RSA_get0_key(session_data->serverkey, &s_n, &s_e, &s_d); |
259 |
-+ get_bn(s_e, &ptr); |
260 |
-+ get_bn(s_n, &ptr); |
261 |
-+#else |
262 |
- get_bn(session_data->serverkey->e, &ptr); |
263 |
- get_bn(session_data->serverkey->n, &ptr); |
264 |
-+#endif |
265 |
- |
266 |
- NS_GET32(host_mod,ptr); |
267 |
- if (ptr + (host_mod/8) > PACKET->DATA.data + PACKET->DATA.len) { |
268 |
- DEBUG_MSG("Dissector_ssh Bougs Host_Mod"); |
269 |
- return NULL; |
270 |
- } |
271 |
-+ |
272 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
273 |
-+ RSA_get0_key(session_data->hostkey, &h_n, &h_e, &h_d); |
274 |
-+ get_bn(h_e, &ptr); |
275 |
-+ get_bn(h_n, &ptr); |
276 |
-+#else |
277 |
- get_bn(session_data->hostkey->e, &ptr); |
278 |
- get_bn(session_data->hostkey->n, &ptr); |
279 |
-+#endif |
280 |
- |
281 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
282 |
-+ server_exp = BN_get_word(s_e); |
283 |
-+ host_exp = BN_get_word(h_e); |
284 |
-+#else |
285 |
- server_exp = *(session_data->serverkey->e->d); |
286 |
- host_exp = *(session_data->hostkey->e->d); |
287 |
-+#endif |
288 |
- |
289 |
- /* Check if we already have a suitable RSA key to substitute */ |
290 |
- index_ssl = &ssh_conn_key; |
291 |
-@@ -424,7 +464,7 @@ |
292 |
- SAFE_CALLOC(*index_ssl, 1, sizeof(ssh_my_key)); |
293 |
- |
294 |
- /* Generate the new key */ |
295 |
-- (*index_ssl)->myserverkey = (RSA *)RSA_generate_key(server_mod, server_exp, NULL, NULL); |
296 |
-+ (*index_ssl)->myserverkey = (RSA *)RSA_generate_key_ex(server_mod, server_exp, NULL, NULL); |
297 |
- (*index_ssl)->myhostkey = (RSA *)RSA_generate_key(host_mod, host_exp, NULL, NULL); |
298 |
- (*index_ssl)->server_mod = server_mod; |
299 |
- (*index_ssl)->host_mod = host_mod; |
300 |
-@@ -443,11 +483,25 @@ |
301 |
- |
302 |
- /* Put our RSA key in the packet */ |
303 |
- key_to_put+=4; |
304 |
-+ |
305 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
306 |
-+ RSA_get0_key(session_data->ptrkey->myserverkey, &m_s_n, &m_s_e, &m_s_d); |
307 |
-+ put_bn(m_s_e, &key_to_put); |
308 |
-+ put_bn(m_s_n, &key_to_put); |
309 |
-+#else |
310 |
- put_bn(session_data->ptrkey->myserverkey->e, &key_to_put); |
311 |
- put_bn(session_data->ptrkey->myserverkey->n, &key_to_put); |
312 |
-+#endif |
313 |
- key_to_put+=4; |
314 |
-+ |
315 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
316 |
-+ RSA_get0_key(session_data->ptrkey->myhostkey, &m_h_n, &m_h_e, &m_h_d); |
317 |
-+ put_bn(m_h_e, &key_to_put); |
318 |
-+ put_bn(m_h_n, &key_to_put); |
319 |
-+#else |
320 |
- put_bn(session_data->ptrkey->myhostkey->e, &key_to_put); |
321 |
- put_bn(session_data->ptrkey->myhostkey->n, &key_to_put); |
322 |
-+#endif |
323 |
- |
324 |
- /* Recalculate SSH crc */ |
325 |
- *(u_int32 *)(PACKET->DATA.data + PACKET->DATA.len - 4) = htonl(CRC_checksum(PACKET->DATA.data+4, PACKET->DATA.len-8, CRC_INIT_ZERO)); |
326 |
-@@ -482,19 +536,34 @@ |
327 |
- key_to_put = ptr; |
328 |
- |
329 |
- /* Calculate real session id and our fake session id */ |
330 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
331 |
-+ temp_session_id = ssh_session_id(cookie, h_n, s_n); |
332 |
-+#else |
333 |
- temp_session_id = ssh_session_id(cookie, session_data->hostkey->n, session_data->serverkey->n); |
334 |
-+#endif |
335 |
- if (temp_session_id) |
336 |
- memcpy(session_id1, temp_session_id, 16); |
337 |
-+ |
338 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
339 |
-+ temp_session_id=ssh_session_id(cookie, m_h_n, m_s_n); |
340 |
-+#else |
341 |
- temp_session_id=ssh_session_id(cookie, session_data->ptrkey->myhostkey->n, session_data->ptrkey->myserverkey->n); |
342 |
-+#endif |
343 |
-+ |
344 |
- if (temp_session_id) |
345 |
- memcpy(session_id2, temp_session_id, 16); |
346 |
- |
347 |
- /* Get the session key */ |
348 |
- enckey = BN_new(); |
349 |
-+ |
350 |
- get_bn(enckey, &ptr); |
351 |
- |
352 |
- /* Decrypt session key */ |
353 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
354 |
-+ if (BN_cmp(m_s_n, m_h_n) > 0) { |
355 |
-+#else |
356 |
- if (BN_cmp(session_data->ptrkey->myserverkey->n, session_data->ptrkey->myhostkey->n) > 0) { |
357 |
-+#endif |
358 |
- rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myserverkey); |
359 |
- rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myhostkey); |
360 |
- } else { |
361 |
-@@ -534,7 +603,11 @@ |
362 |
- BN_add_word(bn, sesskey[i]); |
363 |
- } |
364 |
- |
365 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
366 |
-+ if (BN_cmp(s_n, h_n) < 0) { |
367 |
-+#else |
368 |
- if (BN_cmp(session_data->serverkey->n, session_data->hostkey->n) < 0) { |
369 |
-+#endif |
370 |
- rsa_public_encrypt(bn, bn, session_data->serverkey); |
371 |
- rsa_public_encrypt(bn, bn, session_data->hostkey); |
372 |
- } else { |
373 |
-@@ -716,7 +789,16 @@ |
374 |
- u_char *inbuf, *outbuf; |
375 |
- int32 len, ilen, olen; |
376 |
- |
377 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
378 |
-+ BIGNUM *n; |
379 |
-+ BIGNUM *e; |
380 |
-+ BIGNUM *d; |
381 |
-+ RSA_get0_key(key, &n, &e, &d); |
382 |
-+ olen = BN_num_bytes(n); |
383 |
-+#else |
384 |
- olen = BN_num_bytes(key->n); |
385 |
-+#endif |
386 |
-+ |
387 |
- outbuf = malloc(olen); |
388 |
- if (outbuf == NULL) /* oops, couldn't allocate memory */ |
389 |
- return; |
390 |
-@@ -744,7 +826,16 @@ |
391 |
- u_char *inbuf, *outbuf; |
392 |
- int32 len, ilen, olen; |
393 |
- |
394 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
395 |
-+ BIGNUM *n; |
396 |
-+ BIGNUM *e; |
397 |
-+ BIGNUM *d; |
398 |
-+ RSA_get0_key(key, &n, &e, &d); |
399 |
-+ olen = BN_num_bytes(n); |
400 |
-+#else |
401 |
- olen = BN_num_bytes(key->n); |
402 |
-+#endif |
403 |
-+ |
404 |
- outbuf = malloc(olen); |
405 |
- if (outbuf == NULL) /* oops, couldn't allocate memory */ |
406 |
- return; |
407 |
-Index: ettercap-0.8.2/src/ec_sslwrap.c |
408 |
-=================================================================== |
409 |
---- ettercap-0.8.2.orig/src/ec_sslwrap.c |
410 |
-+++ ettercap-0.8.2/src/ec_sslwrap.c |
411 |
-@@ -53,6 +53,10 @@ |
412 |
- #define OPENSSL_NO_KRB5 1 |
413 |
- #include <openssl/ssl.h> |
414 |
- |
415 |
-+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) |
416 |
-+#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */ |
417 |
-+#endif |
418 |
-+ |
419 |
- #define BREAK_ON_ERROR(x,y,z) do { \ |
420 |
- if (x == -E_INVALID) { \ |
421 |
- SAFE_FREE(z.DATA.disp_data); \ |
422 |
-@@ -974,9 +978,19 @@ |
423 |
- index = X509_get_ext_by_NID(server_cert, NID_authority_key_identifier, -1); |
424 |
- if (index >=0) { |
425 |
- ext = X509_get_ext(server_cert, index); |
426 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
427 |
-+ ASN1_OCTET_STRING* os; |
428 |
-+ os = X509_EXTENSION_get_data (ext); |
429 |
-+#endif |
430 |
- if (ext) { |
431 |
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH |
432 |
-+ os->data[7] = 0xe7; |
433 |
-+ os->data[8] = 0x7e; |
434 |
-+ X509_EXTENSION_set_data (ext, os); |
435 |
-+#else |
436 |
- ext->value->data[7] = 0xe7; |
437 |
- ext->value->data[8] = 0x7e; |
438 |
-+#endif |
439 |
- X509_add_ext(out_cert, ext, -1); |
440 |
- } |
441 |
- } |