mirror of
https://anongit.gentoo.org/git/repo/gentoo.git
synced 2025-12-16 23:19:31 +00:00
bb90632ae7the module 'radius' have an outdated built-in-md5 that fails with modern compilers. force md5-openssl to solve it. deps : only the module 'rewrite' needs idn and the two libidn/libidn2 are supported add zlib for the modules 'deflate' and 'sftp' the module 'kerberos' requires libcom_err from e2fsprogs sodium is only used with sql's modules clamav is only a runtime dep remove a no-op sed for gss, configure.ac was renew since patches : fix C23 unprototyped functions (PR merged) make conditionnal an old cipher Closes: https://bugs.gentoo.org/880481 Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Part-of: https://github.com/gentoo/gentoo/pull/43785 Closes: https://github.com/gentoo/gentoo/pull/43785 Signed-off-by: Sam James <sam@gentoo.org>
25 lines
1 KiB
Diff
25 lines
1 KiB
Diff
PR pending https://github.com/proftpd/proftpd/pull/1980.patch
|
|
AES_ctr_128 is not supported with >=openssl-3.0
|
|
--- a/contrib/mod_sftp/crypto.c
|
|
+++ b/contrib/mod_sftp/crypto.c
|
|
@@ -715,8 +715,9 @@ static int do_aes_ctr(EVP_CIPHER_CTX *ctx, unsigned char *dst,
|
|
return 0;
|
|
}
|
|
|
|
-# if OPENSSL_VERSION_NUMBER <= 0x0090704fL || \
|
|
- OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
+# if (OPENSSL_VERSION_NUMBER <= 0x0090704fL || \
|
|
+ OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
|
|
+ OPENSSL_VERSION_NUMBER < 0x30000000L
|
|
/* In OpenSSL-0.9.7d and earlier, the AES CTR code did not properly handle
|
|
* the IV as big-endian; this would cause the dreaded "Incorrect MAC
|
|
* received on packet" error when using clients e.g. PuTTy. To see
|
|
@@ -747,7 +748,7 @@ static int do_aes_ctr(EVP_CIPHER_CTX *ctx, unsigned char *dst,
|
|
}
|
|
|
|
return 1;
|
|
-# else
|
|
+# elif OPENSSL_VERSION_NUMBER < 0x30000000L
|
|
/* Thin wrapper around AES_ctr128_encrypt(). */
|
|
AES_ctr128_encrypt(src, dst, len, &(ace->key), ace->counter, ace->enc_counter,
|
|
&(ace->num));
|