2e00df0f1e
git-svn-id: svn://svn.openwrt.org/openwrt/packages@35413 3c298f89-4303-0410-b956-a3cf2f4a3e73
75 lines
1.6 KiB
Diff
75 lines
1.6 KiB
Diff
--- a/src/ssl.c
|
|
+++ b/src/ssl.c
|
|
@@ -46,20 +46,23 @@
|
|
#include <polarssl/ssl.h>
|
|
#include <polarssl/net.h>
|
|
|
|
+#ifdef POLARSSL_API_V1_2
|
|
+int ciphers[] =
|
|
+{
|
|
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
|
|
+ TLS_RSA_WITH_AES_256_CBC_SHA,
|
|
+ TLS_RSA_WITH_AES_128_CBC_SHA,
|
|
+ 0
|
|
+};
|
|
+#else
|
|
int ciphers[] =
|
|
{
|
|
SSL_EDH_RSA_AES_256_SHA,
|
|
- SSL_EDH_RSA_CAMELLIA_256_SHA,
|
|
- SSL_EDH_RSA_DES_168_SHA,
|
|
SSL_RSA_AES_256_SHA,
|
|
- SSL_RSA_CAMELLIA_256_SHA,
|
|
SSL_RSA_AES_128_SHA,
|
|
- SSL_RSA_CAMELLIA_128_SHA,
|
|
- SSL_RSA_DES_168_SHA,
|
|
- SSL_RSA_RC4_128_SHA,
|
|
- SSL_RSA_RC4_128_MD5,
|
|
0
|
|
};
|
|
+#endif
|
|
static x509_cert certificate;
|
|
static rsa_context key;
|
|
bool_t builtInTestCertificate;
|
|
@@ -170,8 +173,13 @@ void SSLi_deinit(void)
|
|
/* Create SHA1 of last certificate in the peer's chain. */
|
|
bool_t SSLi_getSHA1Hash(SSL_handle_t *ssl, uint8_t *hash)
|
|
{
|
|
- x509_cert *cert = ssl->peer_cert;
|
|
- if (!ssl->peer_cert) {
|
|
+ x509_cert *cert;
|
|
+#ifdef POLARSSL_API_V1_2
|
|
+ cert = ssl_get_peer_cert(ssl);
|
|
+#else
|
|
+ cert = ssl->peer_cert;
|
|
+#endif
|
|
+ if (!cert) {
|
|
return false;
|
|
}
|
|
sha1(cert->raw.p, cert->raw.len, hash);
|
|
@@ -207,7 +215,12 @@ SSL_handle_t *SSLi_newconnection(int *fd
|
|
#else
|
|
ssl_set_ciphers(ssl, ciphers);
|
|
#endif
|
|
+
|
|
+#ifdef POLARSSL_API_V1_2
|
|
+ ssl_set_session(ssl, ssn);
|
|
+#else
|
|
ssl_set_session(ssl, 0, 0, ssn);
|
|
+#endif
|
|
|
|
ssl_set_ca_chain(ssl, &certificate, NULL, NULL);
|
|
ssl_set_own_cert(ssl, &certificate, &key);
|
|
--- a/src/ssl.h
|
|
+++ b/src/ssl.h
|
|
@@ -68,6 +68,9 @@
|
|
} \
|
|
} while (0)
|
|
#endif
|
|
+ #if (POLARSSL_VERSION_MINOR >= 2)
|
|
+ #define POLARSSL_API_V1_2
|
|
+ #endif
|
|
#endif
|
|
#endif
|
|
|