[Buildroot] [git commit] tn5250: don't reference SSLv2/v3 functions if openssl is built without them

Peter Korsgaard peter at korsgaard.com
Tue Mar 1 18:52:49 UTC 2016


commit: https://git.buildroot.net/buildroot/commit/?id=c2f6b5d69762edbcf820b74236683ca801b0c158
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master

Fixes:
http://autobuild.buildroot.net/results/83e/83e29482cad6adef18a0e97bc8e75df302467dbb/

The recent openssl security bump disabled SSLv2 support, but tn5250 was
still referencing SSLv2 functions breaking the build.

Include a patch from OpenBSD to only reference the SSLv2 / SSLv3 symbols if
openssl is built with support for them.

Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
 ...lding-against-OpenSSL-without-SSLv2_SSLv3.patch | 32 ++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/package/tn5250/0002-Allow-building-against-OpenSSL-without-SSLv2_SSLv3.patch b/package/tn5250/0002-Allow-building-against-OpenSSL-without-SSLv2_SSLv3.patch
new file mode 100644
index 0000000..67f0fa6
--- /dev/null
+++ b/package/tn5250/0002-Allow-building-against-OpenSSL-without-SSLv2_SSLv3.patch
@@ -0,0 +1,32 @@
+$OpenBSD: patch-lib5250_sslstream_c,v 1.1 2015/10/07 16:09:04 jca Exp $
+
+Allow building against OpenSSL without SSLv2/SSLv3 support.
+
+Download from:
+http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/tn5250/patches/patch-lib5250_sslstream_c
+
+Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
+--- a/lib5250/sslstream.c.orig	Fri Nov 21 09:12:21 2008
++++ b/lib5250/sslstream.c	Tue Oct  6 21:32:29 2015
+@@ -368,13 +368,19 @@ int tn5250_ssl_stream_init (Tn5250Stream *This)
+         methstr[4] = '\0';
+    }
+ 
++#ifndef OPENSSL_NO_SSL2
+    if (!strcmp(methstr, "ssl2")) {
+         meth = SSLv2_client_method();         
+         TN5250_LOG(("SSL Method = SSLv2_client_method()\n"));
+-   } else if (!strcmp(methstr, "ssl3")) {
++   } else
++#endif
++#ifndef OPENSSL_NO_SSL3
++   if (!strcmp(methstr, "ssl3")) {
+         meth = SSLv3_client_method();         
+         TN5250_LOG(("SSL Method = SSLv3_client_method()\n"));
+-   } else {
++   } else
++#endif
++   {
+         meth = SSLv23_client_method();         
+         TN5250_LOG(("SSL Method = SSLv23_client_method()\n"));
+    }


More information about the buildroot mailing list