diff mbox series

[LEDE-DEV] openvpn: fix interface with mbedtls_sha256

Message ID 87d115nm6z.fsf@husum.klickitat.com
State Accepted
Delegated to: Hauke Mehrtens
Headers show
Series [LEDE-DEV] openvpn: fix interface with mbedtls_sha256 | expand

Commit Message

Russell Senior Feb. 16, 2018, 12:39 p.m. UTC 
Between mbedtls 2.6.0 and 2.7.0, the void returning mbedtls_MODULE* functions
were deprecated in favor of functions returning an int error code.  Use
the new function mbedtls_sha256_ret().

Signed-off-by: Russell Senior <russell@personaltelco.net>
---
 .../300-mbedtls_dont_use_deprecated_sha256_function.patch     | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 package/network/services/openvpn/patches/300-mbedtls_dont_use_deprecated_sha256_function.patch

Comments

Koen Vandeputte Feb. 16, 2018, 1:31 p.m. UTC | #1 
Fixes the build issue



Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
diff mbox series

Patch

diff --git a/package/network/services/openvpn/patches/300-mbedtls_dont_use_deprecated_sha256_function.patch b/package/network/services/openvpn/patches/300-mbedtls_dont_use_deprecated_sha256_function.patch
new file mode 100644
index 0000000000..b9201a599a
--- /dev/null
+++ b/package/network/services/openvpn/patches/300-mbedtls_dont_use_deprecated_sha256_function.patch
@@ -0,0 +1,11 @@ 
+--- a/src/openvpn/ssl_mbedtls.c
++++ b/src/openvpn/ssl_mbedtls.c
+@@ -803,7 +803,7 @@ tls_ctx_personalise_random(struct tls_ro
+     {
+         mbedtls_x509_crt *cert = ctx->crt_chain;
+ 
+-        mbedtls_sha256(cert->tbs.p, cert->tbs.len, sha256_hash, false);
++        mbedtls_sha256_ret(cert->tbs.p, cert->tbs.len, sha256_hash, false);
+         if (0 != memcmp(old_sha256_hash, sha256_hash, sizeof(sha256_hash)))
+         {
+             mbedtls_ctr_drbg_update(cd_ctx, sha256_hash, 32);