From e6b69e579348d4c16cba07e26f273e9d3bbe6516 Mon Sep 17 00:00:00 2001
From: Ludovic Pouzenc <ludovic@pouzenc.fr>
Date: Sun, 16 Sep 2018 18:55:17 +0200
Subject: package/libs/*ssl: adds, probably from OpenWRT

---
 package/libs/openssl/patches/220-fix-no-ec-build.patch | 14 ++++++++++++++
 package/libs/polarssl/patches/100-disable_sslv3.patch  | 12 ++++++++++++
 package/libs/polarssl/patches/300-CVE-2015-1182.patch  | 11 +++++++++++
 3 files changed, 37 insertions(+)
 create mode 100755 package/libs/openssl/patches/220-fix-no-ec-build.patch
 create mode 100755 package/libs/polarssl/patches/100-disable_sslv3.patch
 create mode 100755 package/libs/polarssl/patches/300-CVE-2015-1182.patch

(limited to 'package')

diff --git a/package/libs/openssl/patches/220-fix-no-ec-build.patch b/package/libs/openssl/patches/220-fix-no-ec-build.patch
new file mode 100755
index 0000000..44ec50e
--- /dev/null
+++ b/package/libs/openssl/patches/220-fix-no-ec-build.patch
@@ -0,0 +1,14 @@
+--- a/ssl/t1_lib.c
++++ b/ssl/t1_lib.c
+@@ -113,9 +113,11 @@
+ #include <openssl/objects.h>
+ #include <openssl/evp.h>
+ #include <openssl/hmac.h>
++#ifndef OPENSSL_NO_EC
+ #ifdef OPENSSL_NO_EC2M
+ # include <openssl/ec.h>
+ #endif
++#endif
+ #include <openssl/ocsp.h>
+ #include <openssl/rand.h>
+ #include "ssl_locl.h"
diff --git a/package/libs/polarssl/patches/100-disable_sslv3.patch b/package/libs/polarssl/patches/100-disable_sslv3.patch
new file mode 100755
index 0000000..06312f3
--- /dev/null
+++ b/package/libs/polarssl/patches/100-disable_sslv3.patch
@@ -0,0 +1,12 @@
+--- a/include/polarssl/config.h
++++ b/include/polarssl/config.h
+@@ -859,8 +859,8 @@
+  *           POLARSSL_SHA1_C
+  *
+  * Comment this macro to disable support for SSL 3.0
+- */
+ #define POLARSSL_SSL_PROTO_SSL3
++ */
+ 
+ /**
+  * \def POLARSSL_SSL_PROTO_TLS1
diff --git a/package/libs/polarssl/patches/300-CVE-2015-1182.patch b/package/libs/polarssl/patches/300-CVE-2015-1182.patch
new file mode 100755
index 0000000..5961d37
--- /dev/null
+++ b/package/libs/polarssl/patches/300-CVE-2015-1182.patch
@@ -0,0 +1,11 @@
+--- a/library/asn1parse.c
++++ b/library/asn1parse.c
+@@ -278,6 +278,8 @@ int asn1_get_sequence_of( unsigned char
+             if( cur->next == NULL )
+                 return( POLARSSL_ERR_ASN1_MALLOC_FAILED );
+ 
++            memset( cur->next, 0, sizeof( asn1_sequence ) );
++
+             cur = cur->next;
+         }
+     }
-- 
cgit v1.1