|
Line 0
Link Here
|
|
|
1 |
From 69793ae0c1b3b6cb2e4baecc224ea714707ac329 Mon Sep 17 00:00:00 2001 |
| 2 |
From: Piotr Kubaj <pkubaj@anongoth.pl> |
| 3 |
Date: Fri, 12 May 2017 14:24:37 +0100 |
| 4 |
Subject: [PATCH 1/1] Fix build with LibreSSL 2.5.1 and higher. |
| 5 |
|
| 6 |
We don't actually care if we use the read or write state; we're only |
| 7 |
calculating the cipher/protocol overheads which are the same in both |
| 8 |
directions. |
| 9 |
|
| 10 |
In LibreSSL they were all removed in |
| 11 |
https://github.com/libressl-portable/openbsd/commit/122ecd906da7 |
| 12 |
and the read side was restored in |
| 13 |
https://github.com/libressl-portable/openbsd/commit/0d7a7d5f5a44 |
| 14 |
so just use that. |
| 15 |
|
| 16 |
Signed-off-by: Piotr Kubaj <pkubaj@anongoth.pl> |
| 17 |
Signed-off-by: David Woodhouse <dwmw2@infradead.org> |
| 18 |
--- openssl-dtls.c.orig 2016-12-06 13:03:51 UTC |
| 19 |
+++ openssl-dtls.c |
| 20 |
@@ -100,8 +100,8 @@ static int dtls_get_data_mtu(struct open |
| 21 |
} |
| 22 |
#else |
| 23 |
/* OpenSSL <= 1.0.2 only supports CBC ciphers with PSK */ |
| 24 |
- ivlen = EVP_CIPHER_iv_length(EVP_CIPHER_CTX_cipher(vpninfo->dtls_ssl->enc_write_ctx)); |
| 25 |
- maclen = EVP_MD_CTX_size(vpninfo->dtls_ssl->write_hash); |
| 26 |
+ ivlen = EVP_CIPHER_iv_length(EVP_CIPHER_CTX_cipher(vpninfo->dtls_ssl->enc_read_ctx)); |
| 27 |
+ maclen = EVP_MD_CTX_size(vpninfo->dtls_ssl->read_hash); |
| 28 |
blocksize = ivlen; |
| 29 |
pad = 1; |
| 30 |
#endif |