Commit c2f6b5d6 authored by Peter Korsgaard's avatar Peter Korsgaard
Browse files

tn5250: don't reference SSLv2/v3 functions if openssl is built without them 

Fixes:
http://autobuild.buildroot.net/results/83e/83e29482cad6adef18a0e97bc8e75df302467dbb/



The recent openssl security bump disabled SSLv2 support, but tn5250 was
still referencing SSLv2 functions breaking the build.

Include a patch from OpenBSD to only reference the SSLv2 / SSLv3 symbols if
openssl is built with support for them.

Signed-off-by: default avatarPeter Korsgaard <peter@korsgaard.com>
parent aa016cd6

package/tn5250/0002-Allow-building-against-OpenSSL-without-SSLv2_SSLv3.patch

0 → 100644
+32 −0
Original line number Diff line number Diff line 
$OpenBSD: patch-lib5250_sslstream_c,v 1.1 2015/10/07 16:09:04 jca Exp $



Allow building against OpenSSL without SSLv2/SSLv3 support.



Download from:

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/tn5250/patches/patch-lib5250_sslstream_c



Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

--- a/lib5250/sslstream.c.orig	Fri Nov 21 09:12:21 2008

+++ b/lib5250/sslstream.c	Tue Oct  6 21:32:29 2015

@@ -368,13 +368,19 @@ int tn5250_ssl_stream_init (Tn5250Stream *This)

         methstr[4] = '\0';

    }

 

+#ifndef OPENSSL_NO_SSL2

    if (!strcmp(methstr, "ssl2")) {

         meth = SSLv2_client_method();         

         TN5250_LOG(("SSL Method = SSLv2_client_method()\n"));

-   } else if (!strcmp(methstr, "ssl3")) {

+   } else

+#endif

+#ifndef OPENSSL_NO_SSL3

+   if (!strcmp(methstr, "ssl3")) {

         meth = SSLv3_client_method();         

         TN5250_LOG(("SSL Method = SSLv3_client_method()\n"));

-   } else {

+   } else

+#endif

+   {

         meth = SSLv23_client_method();         

         TN5250_LOG(("SSL Method = SSLv23_client_method()\n"));

    }