1
0
mirror of https://github.com/moparisthebest/arch-ppa synced 2024-11-27 11:02:17 -05:00

Update axtls

This commit is contained in:
Travis Burtrum 2018-01-16 01:49:46 -05:00
parent 74c23161bf
commit 6d3d9c4434
4 changed files with 20 additions and 96 deletions

View File

@ -9,7 +9,7 @@ CONFIG_PLATFORM_LINUX=y
# #
# General Configuration # General Configuration
# #
PREFIX="/usr" PREFIX="/usr/local"
# CONFIG_DEBUG is not set # CONFIG_DEBUG is not set
CONFIG_STRIP_UNWANTED_SECTIONS=y CONFIG_STRIP_UNWANTED_SECTIONS=y
# CONFIG_VISUAL_STUDIO_7_0 is not set # CONFIG_VISUAL_STUDIO_7_0 is not set
@ -26,8 +26,8 @@ CONFIG_EXTRA_LDFLAGS_OPTIONS=""
# #
# CONFIG_SSL_SERVER_ONLY is not set # CONFIG_SSL_SERVER_ONLY is not set
# CONFIG_SSL_CERT_VERIFICATION is not set # CONFIG_SSL_CERT_VERIFICATION is not set
CONFIG_SSL_ENABLE_CLIENT=y # CONFIG_SSL_ENABLE_CLIENT is not set
# CONFIG_SSL_FULL_MODE is not set CONFIG_SSL_FULL_MODE=y
# CONFIG_SSL_SKELETON_MODE is not set # CONFIG_SSL_SKELETON_MODE is not set
# CONFIG_SSL_PROT_LOW is not set # CONFIG_SSL_PROT_LOW is not set
CONFIG_SSL_PROT_MEDIUM=y CONFIG_SSL_PROT_MEDIUM=y
@ -40,17 +40,15 @@ CONFIG_SSL_X509_CERT_LOCATION=""
CONFIG_SSL_X509_COMMON_NAME="" CONFIG_SSL_X509_COMMON_NAME=""
CONFIG_SSL_X509_ORGANIZATION_NAME="" CONFIG_SSL_X509_ORGANIZATION_NAME=""
CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME="" CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME=""
CONFIG_SSL_ENABLE_V23_HANDSHAKE=y CONFIG_SSL_HAS_PEM=y
# CONFIG_SSL_HAS_PEM is not set CONFIG_SSL_USE_PKCS12=y
# CONFIG_SSL_USE_PKCS12 is not set
CONFIG_SSL_EXPIRY_TIME=24 CONFIG_SSL_EXPIRY_TIME=24
CONFIG_X509_MAX_CA_CERTS=150 CONFIG_X509_MAX_CA_CERTS=150
CONFIG_SSL_MAX_CERTS=3 CONFIG_SSL_MAX_CERTS=3
# CONFIG_SSL_CTX_MUTEXING is not set # CONFIG_SSL_CTX_MUTEXING is not set
CONFIG_USE_DEV_URANDOM=y CONFIG_USE_DEV_URANDOM=y
# CONFIG_WIN32_USE_CRYPTO_LIB is not set # CONFIG_WIN32_USE_CRYPTO_LIB is not set
CONFIG_OPENSSL_COMPATIBLE=y # CONFIG_OPENSSL_COMPATIBLE is not set
CONFIG_SSL_SNI=y
# CONFIG_PERFORMANCE_TESTING is not set # CONFIG_PERFORMANCE_TESTING is not set
# CONFIG_SSL_TEST is not set # CONFIG_SSL_TEST is not set
# CONFIG_AXTLSWRAP is not set # CONFIG_AXTLSWRAP is not set
@ -93,8 +91,8 @@ CONFIG_LUA_CORE=""
# #
# Samples # Samples
# #
CONFIG_SAMPLES=y # CONFIG_SAMPLES is not set
CONFIG_C_SAMPLES=y # CONFIG_C_SAMPLES is not set
# CONFIG_CSHARP_SAMPLES is not set # CONFIG_CSHARP_SAMPLES is not set
# CONFIG_VBNET_SAMPLES is not set # CONFIG_VBNET_SAMPLES is not set
# CONFIG_JAVA_SAMPLES is not set # CONFIG_JAVA_SAMPLES is not set

View File

@ -1,6 +1,6 @@
# Maintainer: Versus Void # Maintainer: Versus Void
pkgname=axtls pkgname=axtls
pkgver=1.5.4 pkgver=2.1.4
pkgrel=1 pkgrel=1
pkgdesc="Highly configurable client/server TLSv1.2 library" pkgdesc="Highly configurable client/server TLSv1.2 library"
arch=(x86_64 i686) arch=(x86_64 i686)
@ -9,20 +9,17 @@ license=('BSD')
groups=() groups=()
makedepends=() makedepends=()
source=("http://downloads.sourceforge.net/sourceforge/${pkgname}/axTLS-${pkgver}.tar.gz" source=("http://downloads.sourceforge.net/sourceforge/${pkgname}/axTLS-${pkgver}.tar.gz"
"axtls-sni.patch"
"config.h" "config.h"
".config" ".config"
) )
#noextract=() #noextract=()
sha256sums=("24d50cc4f5908d06cfacb2a3916d91ed75c5b1441809e47bc45e1053d6ba5d91" sha256sums=("e53dd20e2b619349bc48b631176a38742ea600333fd0349df83c6366b7be05bb"
"28906cc3e4684f61791371d6de635618652bbc56e1b445ffcd397ffcc513ca8f" "b9f276b4b04daa3e36cb3fa71771796327904fa2c5e55d205d3148cae8bf17d5"
"8e32ee043b3e704e58e938eb1b28a495f3d0d2fbb241dfa2b0654e2c2f40ddb2" "ae1d08b8b3bcc4ab9dccb62902f2c5e35d435eba3f9fe81da523fe3a2bc87b53"
"17fcc8fe52357724a59c4bb2973274697bde3573160ac007306e788e3859e88f"
) )
prepare() { prepare() {
cd "axtls-code" cd "axtls-code"
patch -p1 -i "$srcdir/axtls-sni.patch"
cp "$srcdir/config.h" config/ cp "$srcdir/config.h" config/
cp "$srcdir/.config" config/ cp "$srcdir/.config" config/
sed -i '/rm $(PREFIX)\/include\/axTLS\/os_port.h/d' Makefile sed -i '/rm $(PREFIX)\/include\/axTLS\/os_port.h/d' Makefile

View File

@ -1,69 +0,0 @@
diff -rU 4 a/ssl/Config.in b/ssl/Config.in
--- a/ssl/Config.in 2014-10-27 13:30:33.000000000 +0300
+++ b/ssl/Config.in 2015-06-09 18:32:26.000000000 +0300
@@ -314,8 +314,15 @@
Note: not all the API is implemented, so parts may still break. And
it's definitely not 100% compatible.
+config CONFIG_SSL_SNI
+ bool "Enable SNI"
+ default y
+ help
+ An extension to the TLS.
+ See 3.1 Server Name Indication at RFC 3546.
+
config CONFIG_PERFORMANCE_TESTING
bool "Build the bigint performance test tool"
default n
depends on CONFIG_SSL_CERT_VERIFICATION
diff -rU 4 a/ssl/tls1_clnt.c b/ssl/tls1_clnt.c
--- a/ssl/tls1_clnt.c 2014-11-07 03:24:28.000000000 +0300
+++ b/ssl/tls1_clnt.c 2015-06-09 18:32:26.000000000 +0300
@@ -218,8 +218,30 @@
}
buf[offset++] = 1; /* no compression */
buf[offset++] = 0;
+
+#ifdef CONFIG_SSL_SNI
+ if (ssl->host_name != NULL) {
+ unsigned int host_len = strlen(ssl->host_name);
+
+ buf[offset++] = 0;
+ buf[offset++] = host_len+9; /* extensions length */
+
+ buf[offset++] = 0;
+ buf[offset++] = 0; /* server_name(0) (65535) */
+ buf[offset++] = 0;
+ buf[offset++] = host_len+5; /* server_name length */
+ buf[offset++] = 0;
+ buf[offset++] = host_len+3; /* server_list length */
+ buf[offset++] = 0; /* host_name(0) (255) */
+ buf[offset++] = 0;
+ buf[offset++] = host_len; /* host_name length */
+ strncpy((char*) &buf[offset], ssl->host_name, host_len);
+ offset += host_len;
+ }
+#endif
+
buf[3] = offset - 4; /* handshake size */
return send_packet(ssl, PT_HANDSHAKE_PROTOCOL, NULL, offset);
}
diff -rU 4 a/ssl/tls1.h b/ssl/tls1.h
--- a/ssl/tls1.h 2015-04-30 08:41:49.000000000 +0300
+++ b/ssl/tls1.h 2015-06-09 18:32:26.000000000 +0300
@@ -195,8 +195,12 @@
uint8_t server_mac[SHA1_SIZE]; /* for HMAC verification */
uint8_t read_sequence[8]; /* 64 bit sequence number */
uint8_t write_sequence[8]; /* 64 bit sequence number */
uint8_t hmac_header[SSL_RECORD_SIZE]; /* rx hmac */
+
+#ifdef CONFIG_SSL_SNI
+ const char* host_name;
+#endif
};
typedef struct _SSL SSL;

View File

@ -10,7 +10,7 @@
/* /*
* General Configuration * General Configuration
*/ */
#define PREFIX "/usr" #define PREFIX "/usr/local"
#undef CONFIG_DEBUG #undef CONFIG_DEBUG
#define CONFIG_STRIP_UNWANTED_SECTIONS 1 #define CONFIG_STRIP_UNWANTED_SECTIONS 1
#undef CONFIG_VISUAL_STUDIO_7_0 #undef CONFIG_VISUAL_STUDIO_7_0
@ -27,8 +27,8 @@
*/ */
#undef CONFIG_SSL_SERVER_ONLY #undef CONFIG_SSL_SERVER_ONLY
#undef CONFIG_SSL_CERT_VERIFICATION #undef CONFIG_SSL_CERT_VERIFICATION
#define CONFIG_SSL_ENABLE_CLIENT 1 #undef CONFIG_SSL_ENABLE_CLIENT
#undef CONFIG_SSL_FULL_MODE #define CONFIG_SSL_FULL_MODE 1
#undef CONFIG_SSL_SKELETON_MODE #undef CONFIG_SSL_SKELETON_MODE
#undef CONFIG_SSL_PROT_LOW #undef CONFIG_SSL_PROT_LOW
#define CONFIG_SSL_PROT_MEDIUM 1 #define CONFIG_SSL_PROT_MEDIUM 1
@ -41,17 +41,15 @@
#define CONFIG_SSL_X509_COMMON_NAME "" #define CONFIG_SSL_X509_COMMON_NAME ""
#define CONFIG_SSL_X509_ORGANIZATION_NAME "" #define CONFIG_SSL_X509_ORGANIZATION_NAME ""
#define CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME "" #define CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME ""
#define CONFIG_SSL_ENABLE_V23_HANDSHAKE 1 #define CONFIG_SSL_HAS_PEM 1
#undef CONFIG_SSL_HAS_PEM #define CONFIG_SSL_USE_PKCS12 1
#undef CONFIG_SSL_USE_PKCS12
#define CONFIG_SSL_EXPIRY_TIME 24 #define CONFIG_SSL_EXPIRY_TIME 24
#define CONFIG_X509_MAX_CA_CERTS 150 #define CONFIG_X509_MAX_CA_CERTS 150
#define CONFIG_SSL_MAX_CERTS 3 #define CONFIG_SSL_MAX_CERTS 3
#undef CONFIG_SSL_CTX_MUTEXING #undef CONFIG_SSL_CTX_MUTEXING
#define CONFIG_USE_DEV_URANDOM 1 #define CONFIG_USE_DEV_URANDOM 1
#undef CONFIG_WIN32_USE_CRYPTO_LIB #undef CONFIG_WIN32_USE_CRYPTO_LIB
#define CONFIG_OPENSSL_COMPATIBLE 1 #undef CONFIG_OPENSSL_COMPATIBLE
#define CONFIG_SSL_SNI 1
#undef CONFIG_PERFORMANCE_TESTING #undef CONFIG_PERFORMANCE_TESTING
#undef CONFIG_SSL_TEST #undef CONFIG_SSL_TEST
#undef CONFIG_AXTLSWRAP #undef CONFIG_AXTLSWRAP
@ -94,8 +92,8 @@
/* /*
* Samples * Samples
*/ */
#define CONFIG_SAMPLES 1 #undef CONFIG_SAMPLES
#define CONFIG_C_SAMPLES 1 #undef CONFIG_C_SAMPLES
#undef CONFIG_CSHARP_SAMPLES #undef CONFIG_CSHARP_SAMPLES
#undef CONFIG_VBNET_SAMPLES #undef CONFIG_VBNET_SAMPLES
#undef CONFIG_JAVA_SAMPLES #undef CONFIG_JAVA_SAMPLES