openvpn: update to 2.4.5

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
This commit is contained in:
Magnus Kroken 2018-03-03 01:11:07 +01:00 committed by Hauke Mehrtens
parent dc7f2fdd52
commit ffbe51b294
4 changed files with 19 additions and 24 deletions

View file

@ -9,14 +9,14 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=openvpn PKG_NAME:=openvpn
PKG_VERSION:=2.4.4 PKG_VERSION:=2.4.5
PKG_RELEASE:=2 PKG_RELEASE:=1
PKG_SOURCE_URL:=\ PKG_SOURCE_URL:=\
https://build.openvpn.net/downloads/releases/ \ https://build.openvpn.net/downloads/releases/ \
https://swupdate.openvpn.net/community/releases/ https://swupdate.openvpn.net/community/releases/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_HASH:=96cd1b8fe1e8cb2920f07c3fd3985faea756e16fdeebd11d3e146d5bd2b04a80 PKG_HASH:=43c0a363a332350f620d1cd93bb431e082bedbc93d4fb872f758650d53c1d29e
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name> PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>

View file

@ -1,6 +1,6 @@
--- a/src/openvpn/ssl_mbedtls.c --- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c +++ b/src/openvpn/ssl_mbedtls.c
@@ -1336,7 +1336,7 @@ const char * @@ -1394,7 +1394,7 @@ const char *
get_ssl_library_version(void) get_ssl_library_version(void)
{ {
static char mbedtls_version[30]; static char mbedtls_version[30];

View file

@ -1,15 +1,17 @@
--- a/configure.ac --- a/configure.ac
+++ b/configure.ac +++ b/configure.ac
@@ -1068,62 +1068,15 @@ dnl @@ -1077,68 +1077,15 @@ dnl
AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4]) AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4])
AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4]) AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4])
if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then
- if test -z "${LZ4_CFLAGS}" -a -z "${LZ4_LIBS}"; then - if test -z "${LZ4_CFLAGS}" -a -z "${LZ4_LIBS}"; then
- # if the user did not explicitly specify flags, try to autodetect - # if the user did not explicitly specify flags, try to autodetect
- PKG_CHECK_MODULES([LZ4], - PKG_CHECK_MODULES([LZ4],
- [liblz4 >= 1.7.1], - [liblz4 >= 1.7.1 liblz4 < 100],
- [have_lz4="yes"], - [have_lz4="yes"],
- [] # If this fails, we will do another test next - [LZ4_LIBS="-llz4"] # If this fails, we will do another test next.
- # We also add set LZ4_LIBS otherwise the
- # linker will not know about the lz4 library
- ) - )
- fi - fi
@ -47,20 +49,24 @@
- fi - fi
- fi - fi
- -
- # if LZ4_LIBS is set, we assume it will work, otherwise test - # Double check we have a few needed functions
- if test -z "${LZ4_LIBS}"; then - if test "${have_lz4}" = "yes" ; then
- AC_CHECK_LIB([lz4], - AC_CHECK_LIB([lz4],
- [LZ4_compress], - [LZ4_compress_default],
- [LZ4_LIBS="-llz4"], - [],
- [have_lz4="no"])
- AC_CHECK_LIB([lz4],
- [LZ4_decompress_safe],
- [],
- [have_lz4="no"]) - [have_lz4="no"])
- fi - fi
- -
- if test "${have_lz4}" != "yes" ; then - if test "${have_lz4}" != "yes" ; then
- AC_MSG_RESULT([ usuable LZ4 library or header not found, using version in src/compat/compat-lz4.*]) - AC_MSG_RESULT([ usable LZ4 library or header not found, using version in src/compat/compat-lz4.*])
- AC_DEFINE([NEED_COMPAT_LZ4], [1], [use copy of LZ4 source in compat/]) - AC_DEFINE([NEED_COMPAT_LZ4], [1], [use copy of LZ4 source in compat/])
- LZ4_LIBS="" - LZ4_LIBS=""
- fi - fi
+ AC_MSG_RESULT([ usuable LZ4 library or header not found, using version in src/compat/compat-lz4.*]) + AC_MSG_RESULT([ usable LZ4 library or header not found, using version in src/compat/compat-lz4.*])
+ AC_DEFINE([NEED_COMPAT_LZ4], [1], [use copy of LZ4 source in compat/]) + AC_DEFINE([NEED_COMPAT_LZ4], [1], [use copy of LZ4 source in compat/])
+ LZ4_LIBS="" + LZ4_LIBS=""
OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}" OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}"

View file

@ -1,11 +0,0 @@
--- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c
@@ -803,7 +803,7 @@ tls_ctx_personalise_random(struct tls_ro
{
mbedtls_x509_crt *cert = ctx->crt_chain;
- mbedtls_sha256(cert->tbs.p, cert->tbs.len, sha256_hash, false);
+ mbedtls_sha256_ret(cert->tbs.p, cert->tbs.len, sha256_hash, false);
if (0 != memcmp(old_sha256_hash, sha256_hash, sizeof(sha256_hash)))
{
mbedtls_ctr_drbg_update(cd_ctx, sha256_hash, 32);