1 diff -Naur stunnel-5.30.orig/src/ctx.c stunnel-5.30/src/ctx.c
2 --- stunnel-5.30.orig/src/ctx.c 2016-01-15 16:45:23.000000000 +0000
3 +++ stunnel-5.30/src/ctx.c 2016-05-14 15:16:47.392859450 +0000
5 /**************************************** initialize OpenSSL CONF */
7 NOEXPORT int conf_init(SERVICE_OPTIONS *section) {
8 -#if OPENSSL_VERSION_NUMBER>=0x10002000L
9 +#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
13 diff -Naur stunnel-5.30.orig/src/verify.c stunnel-5.30/src/verify.c
14 --- stunnel-5.30.orig/src/verify.c 2016-01-15 16:45:23.000000000 +0000
15 +++ stunnel-5.30/src/verify.c 2016-05-14 15:16:10.369860180 +0000
17 NOEXPORT int verify_callback(int, X509_STORE_CTX *);
18 NOEXPORT int verify_checks(CLI *, int, X509_STORE_CTX *);
19 NOEXPORT int cert_check(CLI *, X509_STORE_CTX *, int);
20 -#if OPENSSL_VERSION_NUMBER>=0x10002000L
21 +#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
22 NOEXPORT int cert_check_subject(CLI *, X509_STORE_CTX *);
23 #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
24 NOEXPORT int cert_check_local(X509_STORE_CTX *);
28 if(depth==0) { /* additional peer certificate checks */
29 -#if OPENSSL_VERSION_NUMBER>=0x10002000L
30 +#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
31 if(!cert_check_subject(c, callback_ctx))
32 return 0; /* reject */
33 #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
35 return 1; /* accept */
38 -#if OPENSSL_VERSION_NUMBER>=0x10002000L
39 +#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
40 NOEXPORT int cert_check_subject(CLI *c, X509_STORE_CTX *callback_ctx) {
41 X509 *cert=X509_STORE_CTX_get_current_cert(callback_ctx);