aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRussell Senior <russell@personaltelco.net>2018-02-16 04:39:00 -0800
committerHauke Mehrtens <hauke@hauke-m.de>2018-02-17 12:29:33 +0100
commit42b94a74e98a1f9517d2baf8c6e8a61051bd6124 (patch)
treeb47b6a7c9b8f20244993b842e6c0d1febb21c061
parente05a6018fc8c9f9413bf88f2471d91a67b1d64d0 (diff)
downloadupstream-42b94a74e98a1f9517d2baf8c6e8a61051bd6124.tar.gz
upstream-42b94a74e98a1f9517d2baf8c6e8a61051bd6124.tar.bz2
upstream-42b94a74e98a1f9517d2baf8c6e8a61051bd6124.zip
openvpn: fix interface with mbedtls_sha256
Between mbedtls 2.6.0 and 2.7.0, the void returning mbedtls_MODULE* functions were deprecated in favor of functions returning an int error code. Use the new function mbedtls_sha256_ret(). Signed-off-by: Russell Senior <russell@personaltelco.net> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
-rw-r--r--package/network/services/openvpn/patches/300-mbedtls_dont_use_deprecated_sha256_function.patch11
1 files changed, 11 insertions, 0 deletions
diff --git a/package/network/services/openvpn/patches/300-mbedtls_dont_use_deprecated_sha256_function.patch b/package/network/services/openvpn/patches/300-mbedtls_dont_use_deprecated_sha256_function.patch
new file mode 100644
index 0000000000..b9201a599a
--- /dev/null
+++ b/package/network/services/openvpn/patches/300-mbedtls_dont_use_deprecated_sha256_function.patch
@@ -0,0 +1,11 @@
+--- a/src/openvpn/ssl_mbedtls.c
++++ b/src/openvpn/ssl_mbedtls.c
+@@ -803,7 +803,7 @@ tls_ctx_personalise_random(struct tls_ro
+ {
+ mbedtls_x509_crt *cert = ctx->crt_chain;
+
+- mbedtls_sha256(cert->tbs.p, cert->tbs.len, sha256_hash, false);
++ mbedtls_sha256_ret(cert->tbs.p, cert->tbs.len, sha256_hash, false);
+ if (0 != memcmp(old_sha256_hash, sha256_hash, sizeof(sha256_hash)))
+ {
+ mbedtls_ctr_drbg_update(cd_ctx, sha256_hash, 32);