diff options
author | Felix Fietkau <nbd@openwrt.org> | 2013-07-26 12:35:22 +0000 |
---|---|---|
committer | Felix Fietkau <nbd@openwrt.org> | 2013-07-26 12:35:22 +0000 |
commit | aff8c18ad0d7deb2ce1bd62929d44f782d847c54 (patch) | |
tree | 57f3ae6582c1b058a50756c3a00f7fc647700c48 /package | |
parent | 4d37ae33b67a47a82bacd5af630dd3031215a64c (diff) | |
download | upstream-aff8c18ad0d7deb2ce1bd62929d44f782d847c54.tar.gz upstream-aff8c18ad0d7deb2ce1bd62929d44f782d847c54.tar.bz2 upstream-aff8c18ad0d7deb2ce1bd62929d44f782d847c54.zip |
openvpn: update to 2.3.2
this patches updates openvpn to v2.3.2
and adds a PKG_MD5SUM to the Makefile
This release fixes a memory access violation when cipher none is used
on ar71xx - at least with my config
Signed-off-by: Peter Wagner <tripolar@gmx.at>
SVN-Revision: 37560
Diffstat (limited to 'package')
-rw-r--r-- | package/network/services/openvpn/Makefile | 3 | ||||
-rw-r--r-- | package/network/services/openvpn/patches/100-polarssl_update.patch | 60 |
2 files changed, 2 insertions, 61 deletions
diff --git a/package/network/services/openvpn/Makefile b/package/network/services/openvpn/Makefile index 8e1ccaeb2e..4fffd5cfe5 100644 --- a/package/network/services/openvpn/Makefile +++ b/package/network/services/openvpn/Makefile @@ -9,11 +9,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openvpn -PKG_VERSION:=2.3.0 +PKG_VERSION:=2.3.2 PKG_RELEASE=1 PKG_SOURCE_URL:=http://swupdate.openvpn.net/community/releases PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_MD5SUM:=06e5f93dbf13f2c19647ca15ffc23ac1 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) diff --git a/package/network/services/openvpn/patches/100-polarssl_update.patch b/package/network/services/openvpn/patches/100-polarssl_update.patch deleted file mode 100644 index c5c8faf78a..0000000000 --- a/package/network/services/openvpn/patches/100-polarssl_update.patch +++ /dev/null @@ -1,60 +0,0 @@ ---- a/src/openvpn/crypto_polarssl.h -+++ b/src/openvpn/crypto_polarssl.h -@@ -60,7 +60,7 @@ typedef md_context_t hmac_ctx_t; - #define OPENVPN_MODE_OFB POLARSSL_MODE_OFB - - /** Cipher is in CFB mode */ --#define OPENVPN_MODE_CFB POLARSSL_MODE_CFB128 -+#define OPENVPN_MODE_CFB POLARSSL_MODE_CFB - - /** Cipher should encrypt */ - #define OPENVPN_OP_ENCRYPT POLARSSL_ENCRYPT ---- a/src/openvpn/ssl_polarssl.c -+++ b/src/openvpn/ssl_polarssl.c -@@ -65,23 +65,6 @@ tls_clear_error() - { - } - --static int default_ciphersuites[] = --{ -- SSL_EDH_RSA_AES_256_SHA, -- SSL_EDH_RSA_CAMELLIA_256_SHA, -- SSL_EDH_RSA_AES_128_SHA, -- SSL_EDH_RSA_CAMELLIA_128_SHA, -- SSL_EDH_RSA_DES_168_SHA, -- SSL_RSA_AES_256_SHA, -- SSL_RSA_CAMELLIA_256_SHA, -- SSL_RSA_AES_128_SHA, -- SSL_RSA_CAMELLIA_128_SHA, -- SSL_RSA_DES_168_SHA, -- SSL_RSA_RC4_128_SHA, -- SSL_RSA_RC4_128_MD5, -- 0 --}; -- - void - tls_ctx_server_new(struct tls_root_ctx *ctx) - { -@@ -515,11 +498,11 @@ void key_state_ssl_init(struct key_state - ssl_set_rng (ks_ssl->ctx, ctr_drbg_random, rand_ctx_get()); - - ALLOC_OBJ_CLEAR (ks_ssl->ssn, ssl_session); -- ssl_set_session (ks_ssl->ctx, 0, 0, ks_ssl->ssn ); -+ ssl_set_session (ks_ssl->ctx, ks_ssl->ssn ); - if (ssl_ctx->allowed_ciphers) - ssl_set_ciphersuites (ks_ssl->ctx, ssl_ctx->allowed_ciphers); - else -- ssl_set_ciphersuites (ks_ssl->ctx, default_ciphersuites); -+ ssl_set_ciphersuites (ks_ssl->ctx, ssl_default_ciphersuites); - - /* Initialise authentication information */ - if (is_server) -@@ -828,7 +811,7 @@ print_details (struct key_state_ssl * ks - ssl_get_version (ks_ssl->ctx), - ssl_get_ciphersuite(ks_ssl->ctx)); - -- cert = ks_ssl->ctx->peer_cert; -+ cert = ssl_get_peer_cert(ks_ssl->ctx); - if (cert != NULL) - { - openvpn_snprintf (s2, sizeof (s2), ", " counter_format " bit RSA", (counter_type) cert->rsa.len * 8); |