mirror of https://github.com/hak5/openwrt.git
openvpn: update to 2.4.5
Signed-off-by: Magnus Kroken <mkroken@gmail.com> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>openwrt-18.06
parent
dc7f2fdd52
commit
ffbe51b294
|
@ -9,14 +9,14 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PKG_NAME:=openvpn
|
||||
|
||||
PKG_VERSION:=2.4.4
|
||||
PKG_RELEASE:=2
|
||||
PKG_VERSION:=2.4.5
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE_URL:=\
|
||||
https://build.openvpn.net/downloads/releases/ \
|
||||
https://swupdate.openvpn.net/community/releases/
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
|
||||
PKG_HASH:=96cd1b8fe1e8cb2920f07c3fd3985faea756e16fdeebd11d3e146d5bd2b04a80
|
||||
PKG_HASH:=43c0a363a332350f620d1cd93bb431e082bedbc93d4fb872f758650d53c1d29e
|
||||
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
|
||||
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
--- a/src/openvpn/ssl_mbedtls.c
|
||||
+++ b/src/openvpn/ssl_mbedtls.c
|
||||
@@ -1336,7 +1336,7 @@ const char *
|
||||
@@ -1394,7 +1394,7 @@ const char *
|
||||
get_ssl_library_version(void)
|
||||
{
|
||||
static char mbedtls_version[30];
|
||||
|
|
|
@ -1,15 +1,17 @@
|
|||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -1068,62 +1068,15 @@ dnl
|
||||
@@ -1077,68 +1077,15 @@ dnl
|
||||
AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4])
|
||||
AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4])
|
||||
if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then
|
||||
- if test -z "${LZ4_CFLAGS}" -a -z "${LZ4_LIBS}"; then
|
||||
- # if the user did not explicitly specify flags, try to autodetect
|
||||
- PKG_CHECK_MODULES([LZ4],
|
||||
- [liblz4 >= 1.7.1],
|
||||
- [liblz4 >= 1.7.1 liblz4 < 100],
|
||||
- [have_lz4="yes"],
|
||||
- [] # If this fails, we will do another test next
|
||||
- [LZ4_LIBS="-llz4"] # If this fails, we will do another test next.
|
||||
- # We also add set LZ4_LIBS otherwise the
|
||||
- # linker will not know about the lz4 library
|
||||
- )
|
||||
- fi
|
||||
|
||||
|
@ -47,20 +49,24 @@
|
|||
- fi
|
||||
- fi
|
||||
-
|
||||
- # if LZ4_LIBS is set, we assume it will work, otherwise test
|
||||
- if test -z "${LZ4_LIBS}"; then
|
||||
- # Double check we have a few needed functions
|
||||
- if test "${have_lz4}" = "yes" ; then
|
||||
- AC_CHECK_LIB([lz4],
|
||||
- [LZ4_compress],
|
||||
- [LZ4_LIBS="-llz4"],
|
||||
- [LZ4_compress_default],
|
||||
- [],
|
||||
- [have_lz4="no"])
|
||||
- AC_CHECK_LIB([lz4],
|
||||
- [LZ4_decompress_safe],
|
||||
- [],
|
||||
- [have_lz4="no"])
|
||||
- fi
|
||||
-
|
||||
- if test "${have_lz4}" != "yes" ; then
|
||||
- AC_MSG_RESULT([ usuable LZ4 library or header not found, using version in src/compat/compat-lz4.*])
|
||||
- AC_MSG_RESULT([ usable LZ4 library or header not found, using version in src/compat/compat-lz4.*])
|
||||
- AC_DEFINE([NEED_COMPAT_LZ4], [1], [use copy of LZ4 source in compat/])
|
||||
- LZ4_LIBS=""
|
||||
- fi
|
||||
+ AC_MSG_RESULT([ usuable LZ4 library or header not found, using version in src/compat/compat-lz4.*])
|
||||
+ AC_MSG_RESULT([ usable LZ4 library or header not found, using version in src/compat/compat-lz4.*])
|
||||
+ AC_DEFINE([NEED_COMPAT_LZ4], [1], [use copy of LZ4 source in compat/])
|
||||
+ LZ4_LIBS=""
|
||||
OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}"
|
||||
|
|
|
@ -1,11 +0,0 @@
|
|||
--- a/src/openvpn/ssl_mbedtls.c
|
||||
+++ b/src/openvpn/ssl_mbedtls.c
|
||||
@@ -803,7 +803,7 @@ tls_ctx_personalise_random(struct tls_ro
|
||||
{
|
||||
mbedtls_x509_crt *cert = ctx->crt_chain;
|
||||
|
||||
- mbedtls_sha256(cert->tbs.p, cert->tbs.len, sha256_hash, false);
|
||||
+ mbedtls_sha256_ret(cert->tbs.p, cert->tbs.len, sha256_hash, false);
|
||||
if (0 != memcmp(old_sha256_hash, sha256_hash, sizeof(sha256_hash)))
|
||||
{
|
||||
mbedtls_ctr_drbg_update(cd_ctx, sha256_hash, 32);
|
Loading…
Reference in New Issue