Update axtls

Travis Burtrum 2018-01-16 01:49:46 -05:00
parent 74c23161bf
commit 6d3d9c4434
4 changed files with 20 additions and 96 deletions


@ -9,7 +9,7 @@ CONFIG_PLATFORM_LINUX=y
#
# General Configuration
#
PREFIX="/usr"
PREFIX="/usr/local"
# CONFIG_DEBUG is not set
CONFIG_STRIP_UNWANTED_SECTIONS=y
# CONFIG_VISUAL_STUDIO_7_0 is not set
@ -26,8 +26,8 @@ CONFIG_EXTRA_LDFLAGS_OPTIONS=""
#
# CONFIG_SSL_SERVER_ONLY is not set
# CONFIG_SSL_CERT_VERIFICATION is not set
CONFIG_SSL_ENABLE_CLIENT=y
# CONFIG_SSL_FULL_MODE is not set
# CONFIG_SSL_ENABLE_CLIENT is not set
CONFIG_SSL_FULL_MODE=y
# CONFIG_SSL_SKELETON_MODE is not set
# CONFIG_SSL_PROT_LOW is not set
CONFIG_SSL_PROT_MEDIUM=y
@ -40,17 +40,15 @@ CONFIG_SSL_X509_CERT_LOCATION=""
CONFIG_SSL_X509_COMMON_NAME=""
CONFIG_SSL_X509_ORGANIZATION_NAME=""
CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME=""
CONFIG_SSL_ENABLE_V23_HANDSHAKE=y
# CONFIG_SSL_HAS_PEM is not set
# CONFIG_SSL_USE_PKCS12 is not set
CONFIG_SSL_HAS_PEM=y
CONFIG_SSL_USE_PKCS12=y
CONFIG_SSL_EXPIRY_TIME=24
CONFIG_X509_MAX_CA_CERTS=150
CONFIG_SSL_MAX_CERTS=3
# CONFIG_SSL_CTX_MUTEXING is not set
CONFIG_USE_DEV_URANDOM=y
# CONFIG_WIN32_USE_CRYPTO_LIB is not set
CONFIG_OPENSSL_COMPATIBLE=y
CONFIG_SSL_SNI=y
# CONFIG_OPENSSL_COMPATIBLE is not set
# CONFIG_PERFORMANCE_TESTING is not set
# CONFIG_SSL_TEST is not set
# CONFIG_AXTLSWRAP is not set
@ -93,8 +91,8 @@ CONFIG_LUA_CORE=""
#
# Samples
#
CONFIG_SAMPLES=y
CONFIG_C_SAMPLES=y
# CONFIG_SAMPLES is not set
# CONFIG_C_SAMPLES is not set
# CONFIG_CSHARP_SAMPLES is not set
# CONFIG_VBNET_SAMPLES is not set
# CONFIG_JAVA_SAMPLES is not set
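Review bot: The second hunk of this section switches the build from `CONFIG_SSL_ENABLE_CLIENT=y` to `CONFIG_SSL_FULL_MODE=y`, and the third turns on `CONFIG_SSL_HAS_PEM=y` and `CONFIG_SSL_USE_PKCS12=y`, but neither the commit message nor the file says why the packaged library needs them. If I read axTLS's Config.in correctly, full mode is the client/server build with diagnostics enabled and is meant for development, while the PEM and PKCS#12 options add key and certificate parsers to the shipped library, so each of them widens the code that handles untrusted input; please confirm against the 2.1.4 Config.in and keep only what dependents actually use. `# CONFIG_SSL_CERT_VERIFICATION is not set` is unchanged, so it is also worth checking that full mode implies certificate verification in this version rather than leaving client connections unverified. The same choices are repeated in the `config.h` section further down, and the two files have to be kept in step by hand.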


@ -1,6 +1,6 @@
# Maintainer: Versus Void
pkgname=axtls
pkgver=1.5.4
pkgver=2.1.4
pkgrel=1
pkgdesc="Highly configurable client/server TLSv1.2 library"
arch=(x86_64 i686)
@ -9,20 +9,17 @@ license=('BSD')
groups=()
makedepends=()
source=("http://downloads.sourceforge.net/sourceforge/${pkgname}/axTLS-${pkgver}.tar.gz"
"axtls-sni.patch"
"config.h"
".config"
)
#noextract=()
sha256sums=("24d50cc4f5908d06cfacb2a3916d91ed75c5b1441809e47bc45e1053d6ba5d91"
"28906cc3e4684f61791371d6de635618652bbc56e1b445ffcd397ffcc513ca8f"
"8e32ee043b3e704e58e938eb1b28a495f3d0d2fbb241dfa2b0654e2c2f40ddb2"
"17fcc8fe52357724a59c4bb2973274697bde3573160ac007306e788e3859e88f"
sha256sums=("e53dd20e2b619349bc48b631176a38742ea600333fd0349df83c6366b7be05bb"
"b9f276b4b04daa3e36cb3fa71771796327904fa2c5e55d205d3148cae8bf17d5"
"ae1d08b8b3bcc4ab9dccb62902f2c5e35d435eba3f9fe81da523fe3a2bc87b53"
)
prepare() {
cd "axtls-code"
patch -p1 -i "$srcdir/axtls-sni.patch"
cp "$srcdir/config.h" config/
cp "$srcdir/.config" config/
sed -i '/rm $(PREFIX)\/include\/axTLS\/os_port.h/d' Makefile
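Review bot: The `source=` entry still fetches the tarball over plain `http://downloads.sourceforge.net/...`, so the only protection against a tampered download is the `sha256sums` entry that this commit replaces; if the new hash was computed from a copy fetched the same way, it simply pins whatever was received. Switch the URL to `https://downloads.sourceforge.net/sourceforge/${pkgname}/axTLS-${pkgver}.tar.gz` and check the new tarball hash against a second, independently obtained copy before relying on it. `prepare()` continues past the end of this hunk, so the remaining build steps are not visible here.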


@ -1,69 +0,0 @@
diff -rU 4 a/ssl/Config.in b/ssl/Config.in
--- a/ssl/Config.in 2014-10-27 13:30:33.000000000 +0300
+++ b/ssl/Config.in 2015-06-09 18:32:26.000000000 +0300
@@ -314,8 +314,15 @@
Note: not all the API is implemented, so parts may still break. And
it's definitely not 100% compatible.
+config CONFIG_SSL_SNI
+ bool "Enable SNI"
+ default y
+ help
+ An extension to the TLS.
+ See 3.1 Server Name Indication at RFC 3546.
+
config CONFIG_PERFORMANCE_TESTING
bool "Build the bigint performance test tool"
default n
depends on CONFIG_SSL_CERT_VERIFICATION
diff -rU 4 a/ssl/tls1_clnt.c b/ssl/tls1_clnt.c
--- a/ssl/tls1_clnt.c 2014-11-07 03:24:28.000000000 +0300
+++ b/ssl/tls1_clnt.c 2015-06-09 18:32:26.000000000 +0300
@@ -218,8 +218,30 @@
}
buf[offset++] = 1; /* no compression */
buf[offset++] = 0;
+
+#ifdef CONFIG_SSL_SNI
+ if (ssl->host_name != NULL) {
+ unsigned int host_len = strlen(ssl->host_name);
+
+ buf[offset++] = 0;
+ buf[offset++] = host_len+9; /* extensions length */
+
+ buf[offset++] = 0;
+ buf[offset++] = 0; /* server_name(0) (65535) */
+ buf[offset++] = 0;
+ buf[offset++] = host_len+5; /* server_name length */
+ buf[offset++] = 0;
+ buf[offset++] = host_len+3; /* server_list length */
+ buf[offset++] = 0; /* host_name(0) (255) */
+ buf[offset++] = 0;
+ buf[offset++] = host_len; /* host_name length */
+ strncpy((char*) &buf[offset], ssl->host_name, host_len);
+ offset += host_len;
+ }
+#endif
+
buf[3] = offset - 4; /* handshake size */
return send_packet(ssl, PT_HANDSHAKE_PROTOCOL, NULL, offset);
}
diff -rU 4 a/ssl/tls1.h b/ssl/tls1.h
--- a/ssl/tls1.h 2015-04-30 08:41:49.000000000 +0300
+++ b/ssl/tls1.h 2015-06-09 18:32:26.000000000 +0300
@@ -195,8 +195,12 @@
uint8_t server_mac[SHA1_SIZE]; /* for HMAC verification */
uint8_t read_sequence[8]; /* 64 bit sequence number */
uint8_t write_sequence[8]; /* 64 bit sequence number */
uint8_t hmac_header[SSL_RECORD_SIZE]; /* rx hmac */
+
+#ifdef CONFIG_SSL_SNI
+ const char* host_name;
+#endif
};
typedef struct _SSL SSL;


@ -10,7 +10,7 @@
/*
* General Configuration
*/
#define PREFIX "/usr"
#define PREFIX "/usr/local"
#undef CONFIG_DEBUG
#define CONFIG_STRIP_UNWANTED_SECTIONS 1
#undef CONFIG_VISUAL_STUDIO_7_0
@ -27,8 +27,8 @@
*/
#undef CONFIG_SSL_SERVER_ONLY
#undef CONFIG_SSL_CERT_VERIFICATION
#define CONFIG_SSL_ENABLE_CLIENT 1
#undef CONFIG_SSL_FULL_MODE
#undef CONFIG_SSL_ENABLE_CLIENT
#define CONFIG_SSL_FULL_MODE 1
#undef CONFIG_SSL_SKELETON_MODE
#undef CONFIG_SSL_PROT_LOW
#define CONFIG_SSL_PROT_MEDIUM 1
@ -41,17 +41,15 @@
#define CONFIG_SSL_X509_COMMON_NAME ""
#define CONFIG_SSL_X509_ORGANIZATION_NAME ""
#define CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME ""
#define CONFIG_SSL_ENABLE_V23_HANDSHAKE 1
#undef CONFIG_SSL_HAS_PEM
#undef CONFIG_SSL_USE_PKCS12
#define CONFIG_SSL_HAS_PEM 1
#define CONFIG_SSL_USE_PKCS12 1
#define CONFIG_SSL_EXPIRY_TIME 24
#define CONFIG_X509_MAX_CA_CERTS 150
#define CONFIG_SSL_MAX_CERTS 3
#undef CONFIG_SSL_CTX_MUTEXING
#define CONFIG_USE_DEV_URANDOM 1
#undef CONFIG_WIN32_USE_CRYPTO_LIB
#define CONFIG_OPENSSL_COMPATIBLE 1
#define CONFIG_SSL_SNI 1
#undef CONFIG_OPENSSL_COMPATIBLE
#undef CONFIG_PERFORMANCE_TESTING
#undef CONFIG_SSL_TEST
#undef CONFIG_AXTLSWRAP
@ -94,8 +92,8 @@
/*
* Samples
*/
#define CONFIG_SAMPLES 1
#define CONFIG_C_SAMPLES 1
#undef CONFIG_SAMPLES
#undef CONFIG_C_SAMPLES
#undef CONFIG_CSHARP_SAMPLES
#undef CONFIG_VBNET_SAMPLES
#undef CONFIG_JAVA_SAMPLES