tn5250: don't reference SSLv2/v3 functions if openssl is built without them

Fixes: http://autobuild.buildroot.net/results/83e/83e29482cad6adef18a0e97bc8e75df302467dbb/ The recent openssl security bump disabled SSLv2 support, but tn5250 was still referencing SSLv2 functions breaking the build. Include a patch from OpenBSD to only reference the SSLv2 / SSLv3 symbols if openssl is built with support for them. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 19:52:49 +01:00 · 2016-03-01 19:52:49 +01:00 · c2f6b5d697
parent aa016cd653
commit c2f6b5d697
1 changed files with 32 additions and 0 deletions
--- a/package/tn5250/0002-Allow-building-against-OpenSSL-without-SSLv2_SSLv3.patch
+++ b/package/tn5250/0002-Allow-building-against-OpenSSL-without-SSLv2_SSLv3.patch
@ -0,0 +1,32 @@
+$OpenBSD: patch-lib5250_sslstream_c,v 1.1 2015/10/07 16:09:04 jca Exp $
+
+Allow building against OpenSSL without SSLv2/SSLv3 support.
+
+Download from:
+http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/tn5250/patches/patch-lib5250_sslstream_c
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+--- a/lib5250/sslstream.c.orig	Fri Nov 21 09:12:21 2008
+++ b/lib5250/sslstream.c	Tue Oct  6 21:32:29 2015
+@@ -368,13 +368,19 @@ int tn5250_ssl_stream_init (Tn5250Stream *This)
+         methstr[4] = '\0';
+    }
+ 
+#ifndef OPENSSL_NO_SSL2
+    if (!strcmp(methstr, "ssl2")) {
+         meth = SSLv2_client_method();         
+         TN5250_LOG(("SSL Method = SSLv2_client_method()\n"));
+-   } else if (!strcmp(methstr, "ssl3")) {
+   } else
+#endif
+#ifndef OPENSSL_NO_SSL3
+   if (!strcmp(methstr, "ssl3")) {
+         meth = SSLv3_client_method();         
+         TN5250_LOG(("SSL Method = SSLv3_client_method()\n"));
+-   } else {
+   } else
+#endif
+   {
+         meth = SSLv23_client_method();         
+         TN5250_LOG(("SSL Method = SSLv23_client_method()\n"));
+    }