Date: Tuesday, February 15, 2022 @ 21:30:50 Author: arojas Revision: 437426
archrelease: copy trunk to extra-x86_64 Added: vde2/repos/extra-x86_64/PKGBUILD (from rev 437425, vde2/trunk/PKGBUILD) vde2/repos/extra-x86_64/dhcpd.conf.sample (from rev 437425, vde2/trunk/dhcpd.conf.sample) vde2/repos/extra-x86_64/format-security.patch (from rev 437425, vde2/trunk/format-security.patch) vde2/repos/extra-x86_64/iptables.rules.sample (from rev 437425, vde2/trunk/iptables.rules.sample) vde2/repos/extra-x86_64/vde-config.sample (from rev 437425, vde2/trunk/vde-config.sample) vde2/repos/extra-x86_64/vde-connection.sample (from rev 437425, vde2/trunk/vde-connection.sample) vde2/repos/extra-x86_64/vde2.install (from rev 437425, vde2/trunk/vde2.install) vde2/repos/extra-x86_64/vde_cryptcab-compile-against-openssl-1.1.0.patch (from rev 437425, vde2/trunk/vde_cryptcab-compile-against-openssl-1.1.0.patch) Deleted: vde2/repos/extra-x86_64/PKGBUILD vde2/repos/extra-x86_64/dhcpd.conf.sample vde2/repos/extra-x86_64/iptables.rules.sample vde2/repos/extra-x86_64/vde-config.sample vde2/repos/extra-x86_64/vde-connection.sample vde2/repos/extra-x86_64/vde2.install vde2/repos/extra-x86_64/vde_cryptcab-compile-against-openssl-1.1.0.patch --------------------------------------------------+ PKGBUILD | 110 +++++------- dhcpd.conf.sample | 24 +- format-security.patch | 33 +++ iptables.rules.sample | 10 - vde-config.sample | 70 +++---- vde-connection.sample | 12 - vde2.install | 18 +- vde_cryptcab-compile-against-openssl-1.1.0.patch | 184 ++++++++++----------- 8 files changed, 244 insertions(+), 217 deletions(-) Deleted: PKGBUILD =================================================================== --- PKGBUILD 2022-02-15 21:30:32 UTC (rev 437425) +++ PKGBUILD 2022-02-15 21:30:50 UTC (rev 437426) @@ -1,58 +0,0 @@ -# Contributor: Sergej Pupykin -# Maintainer: Tobias Powalowski <tp...@archlinux.org> -pkgname=vde2 -pkgver=2.3.2 -pkgrel=19 -pkgdesc="Virtual Distributed Ethernet for emulators like qemu" -url="https://sourceforge.net/projects/vde/" -license=("GPL" "LGPL" "CUSTOM") -arch=('x86_64') -depends=('bash' 'libpcap' 'openssl') -makedepends=('python') -source=(https://downloads.sourceforge.net/vde/$pkgname-$pkgver.tar.bz2 - vde_cryptcab-compile-against-openssl-1.1.0.patch - dhcpd.conf.sample - iptables.rules.sample - vde-config.sample - vde-connection.sample - https://github.com/virtualsquare/vde-2/commit/7f7593cd.patch - https://github.com/virtualsquare/vde-2/commit/738d5149.patch - https://github.com/virtualsquare/vde-2/commit/561701bb.patch) -install=vde2.install -options=(!makeflags) -sha256sums=('cbea9b7e03097f87a6b5e98b07890d2275848f1fe4b9fcda77b8994148bc9542' - '110370a5f48f1e241d43f8bb5e3ea6d2ca7d2c1949e1cf672d03bfc897f2e11f' - 'da0e2766dc63069da929c28126831ad5fdddcc4a04105a21217d78832c7ca1bc' - '99076d7466cd99673dbe91ef83865187e7868177959b38e125df63eea957f83e' - '5727c215646333c37b26388146cd3e6b3814b88d60d54051d7da99e00c0aef87' - '5139110ed6d5d1174bf12971512dac5196d9d07df46dd393d7b1cd083118fe9b' - 'a0d020f687254b12776ec18f60ce734fbc92ed4d6f5d81a1fba040d73762c2e1' - 'efad3a713b85265cd9691d8df513a1f7ebd678fc133f8efc2778b806cebf5ba1' - '66806a7f893947ab009bd1dae71d2bbb713ae837e0e12c08047c007269d4ce29') - -prepare() { - cd $pkgname-$pkgver - patch -Np1 -i ../vde_cryptcab-compile-against-openssl-1.1.0.patch -# Fix format-security build errors - patch -p2 -i ../7f7593cd.patch - patch -p2 -i ../738d5149.patch - patch -p1 -i ../561701bb.patch -} - -build() { - cd $pkgname-$pkgver - ./configure --prefix=/usr --sbindir=/usr/bin --sysconfdir=/etc --libexecdir=/usr/lib/vde2 \ - --enable-experimental - make -} - -package() { - cd $pkgname-$pkgver - make prefix="$pkgdir/usr" sysconfdir="$pkgdir/etc" sbindir="$pkgdir/usr/bin" libexecdir="$pkgdir/usr/lib/vde2" install - install -D -m 644 ../vde-config.sample "$pkgdir"/etc/vde/vde-config.sample - install -D -m 644 ../vde-connection.sample "$pkgdir"/etc/vde/vde-connection.sample - install -D -m 644 ../dhcpd.conf.sample "$pkgdir"/usr/share/vde2/dhcpd.conf.sample - install -D -m 644 ../iptables.rules.sample "$pkgdir"/usr/share/vde2/iptables.rules.sample - # install slirp license - install -D -m 644 COPYING.slirpvde "$pkgdir"/usr/share/licenses/vde2/COPYING.slirpvde -} Copied: vde2/repos/extra-x86_64/PKGBUILD (from rev 437425, vde2/trunk/PKGBUILD) =================================================================== --- PKGBUILD (rev 0) +++ PKGBUILD 2022-02-15 21:30:50 UTC (rev 437426) @@ -0,0 +1,52 @@ +# Contributor: Sergej Pupykin +# Maintainer: Tobias Powalowski <tp...@archlinux.org> +pkgname=vde2 +pkgver=2.3.2 +pkgrel=20 +pkgdesc="Virtual Distributed Ethernet for emulators like qemu" +url="https://sourceforge.net/projects/vde/" +license=("GPL" "LGPL" "CUSTOM") +arch=('x86_64') +depends=('bash' 'libpcap' 'openssl') +makedepends=('python') +source=(https://downloads.sourceforge.net/vde/$pkgname-$pkgver.tar.bz2 + vde_cryptcab-compile-against-openssl-1.1.0.patch + dhcpd.conf.sample + iptables.rules.sample + vde-config.sample + vde-connection.sample + format-security.patch) +install=vde2.install +options=(!makeflags) +sha256sums=('cbea9b7e03097f87a6b5e98b07890d2275848f1fe4b9fcda77b8994148bc9542' + '110370a5f48f1e241d43f8bb5e3ea6d2ca7d2c1949e1cf672d03bfc897f2e11f' + 'da0e2766dc63069da929c28126831ad5fdddcc4a04105a21217d78832c7ca1bc' + '99076d7466cd99673dbe91ef83865187e7868177959b38e125df63eea957f83e' + '5727c215646333c37b26388146cd3e6b3814b88d60d54051d7da99e00c0aef87' + '5139110ed6d5d1174bf12971512dac5196d9d07df46dd393d7b1cd083118fe9b' + 'a3207c93c4be4848e09a0b8618dcdc4e9d88a99153e95d3fcdd690efa6237a79') + +prepare() { + cd $pkgname-$pkgver + patch -Np1 -i ../vde_cryptcab-compile-against-openssl-1.1.0.patch +# Fix format-security build errors + patch -p2 -i ../format-security.patch +} + +build() { + cd $pkgname-$pkgver + ./configure --prefix=/usr --sbindir=/usr/bin --sysconfdir=/etc --libexecdir=/usr/lib/vde2 \ + --enable-experimental + make +} + +package() { + cd $pkgname-$pkgver + make prefix="$pkgdir/usr" sysconfdir="$pkgdir/etc" sbindir="$pkgdir/usr/bin" libexecdir="$pkgdir/usr/lib/vde2" install + install -D -m 644 ../vde-config.sample "$pkgdir"/etc/vde/vde-config.sample + install -D -m 644 ../vde-connection.sample "$pkgdir"/etc/vde/vde-connection.sample + install -D -m 644 ../dhcpd.conf.sample "$pkgdir"/usr/share/vde2/dhcpd.conf.sample + install -D -m 644 ../iptables.rules.sample "$pkgdir"/usr/share/vde2/iptables.rules.sample + # install slirp license + install -D -m 644 COPYING.slirpvde "$pkgdir"/usr/share/licenses/vde2/COPYING.slirpvde +} Deleted: dhcpd.conf.sample =================================================================== --- dhcpd.conf.sample 2022-02-15 21:30:32 UTC (rev 437425) +++ dhcpd.conf.sample 2022-02-15 21:30:50 UTC (rev 437426) @@ -1,12 +0,0 @@ -ddns-update-style none; - -subnet 192.168.254.0 netmask 255.255.255.0 { - range 192.168.254.1 192.168.254.253; - option routers 192.168.254.254; - option domain-name "virtual.example.com"; - # find your DNS servers from /etc/resolv.conf - # otherwise only pure IP addresses will work - option domain-name-servers 192.168.254.254; - option broadcast-address 192.168.254.255; - default-lease-time 86400; -} Copied: vde2/repos/extra-x86_64/dhcpd.conf.sample (from rev 437425, vde2/trunk/dhcpd.conf.sample) =================================================================== --- dhcpd.conf.sample (rev 0) +++ dhcpd.conf.sample 2022-02-15 21:30:50 UTC (rev 437426) @@ -0,0 +1,12 @@ +ddns-update-style none; + +subnet 192.168.254.0 netmask 255.255.255.0 { + range 192.168.254.1 192.168.254.253; + option routers 192.168.254.254; + option domain-name "virtual.example.com"; + # find your DNS servers from /etc/resolv.conf + # otherwise only pure IP addresses will work + option domain-name-servers 192.168.254.254; + option broadcast-address 192.168.254.255; + default-lease-time 86400; +} Copied: vde2/repos/extra-x86_64/format-security.patch (from rev 437425, vde2/trunk/format-security.patch) =================================================================== --- format-security.patch (rev 0) +++ format-security.patch 2022-02-15 21:30:50 UTC (rev 437426) @@ -0,0 +1,33 @@ +diff --git a/vde-2/src/vde_switch/plugins/iplog.c b/vde-2/src/vde_switch/plugins/iplog.c +index dc2ad54..3bb113c 100644 +--- a/vde-2/src/vde_switch/plugins/iplog.c ++++ b/vde-2/src/vde_switch/plugins/iplog.c +@@ -214,7 +214,7 @@ static void ip_find_in_hash_update(int len, unsigned char *addr, unsigned char * + ctime_r(&ntime,stime); + writev(logfilefd,iov,3); + } else if (logfilefd != -1) +- syslog(LOG_INFO, msg); ++ syslog(LOG_INFO, "%s", msg); + DBGOUT(D_LOGIP_NEWIP,"%s",msg); + } + } +diff --git a/vde-2/src/common/cmdparse.c b/vde-2/src/common/cmdparse.c +index 05186d7..db349c7 100644 +--- a/vde-2/src/common/cmdparse.c ++++ b/vde-2/src/common/cmdparse.c +@@ -284,13 +284,13 @@ int utm_run(struct utm *utm, struct utm_buf *buf, int fd, int argc, char **argv, + int i; + for (i=0;i<argc;i++) { + if (i) fprintf(mf," "); +- fprintf(mf,argv[i]); ++ fprintf(mf, "%s", argv[i]); + } + } else { + int num=atoi(t); + while (*t >='0' && *t <= '9') t++; + if (num < argc) +- fprintf(mf,argv[num]); ++ fprintf(mf, "%s", argv[num]); + } + } else + fprintf(mf,"%c",*t); Deleted: iptables.rules.sample =================================================================== --- iptables.rules.sample 2022-02-15 21:30:32 UTC (rev 437425) +++ iptables.rules.sample 2022-02-15 21:30:50 UTC (rev 437426) @@ -1,5 +0,0 @@ -*filter --A INPUT -i tun -j ACCEPT --A FORWARD -s 192.168.254.0/255.255.255.0 -j ACCEPT -*nat --A POSTROUTING -s 192.168.254.0/24 -j MASQUERADE Copied: vde2/repos/extra-x86_64/iptables.rules.sample (from rev 437425, vde2/trunk/iptables.rules.sample) =================================================================== --- iptables.rules.sample (rev 0) +++ iptables.rules.sample 2022-02-15 21:30:50 UTC (rev 437426) @@ -0,0 +1,5 @@ +*filter +-A INPUT -i tun -j ACCEPT +-A FORWARD -s 192.168.254.0/255.255.255.0 -j ACCEPT +*nat +-A POSTROUTING -s 192.168.254.0/24 -j MASQUERADE Deleted: vde-config.sample =================================================================== --- vde-config.sample 2022-02-15 21:30:32 UTC (rev 437425) +++ vde-config.sample 2022-02-15 21:30:50 UTC (rev 437426) @@ -1,35 +0,0 @@ -# Set options vde_switch program -# To activate this vde profile add it to /etc/conf.d/vde - -# Global options -VDE_NUMPORTS="32" # Number of ports (default 32) -VDE_HUB="no" # [yes|no] Make the switch act as a hub -VDE_FSTP="no" # [yes|no] Activate the fast spanning tree protocol -VDE_MAC="" # Set the Switch MAC address -VDE_PRIORITY="" # Set the priority for FST (MAC extension) -VDE_HASHSIZE="" # Hash table size - -# Options from datasock module -VDE_SOCK="/var/run/vde/sample.sock" # control directory pathname -VDE_SOCK_MODE="660" # Standard access mode for comm sockets (octal) -VDE_SOCK_GROUP="root" # Group owner for comm sockets - -# Options from consmgmt module -VDE_MANAGEMENT_SOCK="/var/run/vde/sample.mgmt" # path of the management UNIX socket -VDE_MANAGEMENT_SOCK_MODE="660" # management UNIX socket access mode (octal) - -# Other options to parse to vde_switch -VDE_OPTIONS="" - -# VDE with internet support -# You can use either tuntap method or slirpvde method. - -# Options from tuntap module -VDE_TAP="" # Enable routing through TAP tap interface (comma separated array eg.:"tap0,tap1"). - -# slirpvde daemon support -SLIRP="no" # [yes|no] enable/disable SLIRP daemon support -SLIRP_DHCP="no" # [yes|no] turn on the DHCP server for the network autoconfiguration of all the units connected to the VDE -SLIRP_NETWORK="" # specify the network address (default 10.0.2.0) -# other options to parse to slirpvde -SLIRP_OPTIONS="" Copied: vde2/repos/extra-x86_64/vde-config.sample (from rev 437425, vde2/trunk/vde-config.sample) =================================================================== --- vde-config.sample (rev 0) +++ vde-config.sample 2022-02-15 21:30:50 UTC (rev 437426) @@ -0,0 +1,35 @@ +# Set options vde_switch program +# To activate this vde profile add it to /etc/conf.d/vde + +# Global options +VDE_NUMPORTS="32" # Number of ports (default 32) +VDE_HUB="no" # [yes|no] Make the switch act as a hub +VDE_FSTP="no" # [yes|no] Activate the fast spanning tree protocol +VDE_MAC="" # Set the Switch MAC address +VDE_PRIORITY="" # Set the priority for FST (MAC extension) +VDE_HASHSIZE="" # Hash table size + +# Options from datasock module +VDE_SOCK="/var/run/vde/sample.sock" # control directory pathname +VDE_SOCK_MODE="660" # Standard access mode for comm sockets (octal) +VDE_SOCK_GROUP="root" # Group owner for comm sockets + +# Options from consmgmt module +VDE_MANAGEMENT_SOCK="/var/run/vde/sample.mgmt" # path of the management UNIX socket +VDE_MANAGEMENT_SOCK_MODE="660" # management UNIX socket access mode (octal) + +# Other options to parse to vde_switch +VDE_OPTIONS="" + +# VDE with internet support +# You can use either tuntap method or slirpvde method. + +# Options from tuntap module +VDE_TAP="" # Enable routing through TAP tap interface (comma separated array eg.:"tap0,tap1"). + +# slirpvde daemon support +SLIRP="no" # [yes|no] enable/disable SLIRP daemon support +SLIRP_DHCP="no" # [yes|no] turn on the DHCP server for the network autoconfiguration of all the units connected to the VDE +SLIRP_NETWORK="" # specify the network address (default 10.0.2.0) +# other options to parse to slirpvde +SLIRP_OPTIONS="" Deleted: vde-connection.sample =================================================================== --- vde-connection.sample 2022-02-15 21:30:32 UTC (rev 437425) +++ vde-connection.sample 2022-02-15 21:30:50 UTC (rev 437426) @@ -1,6 +0,0 @@ -# You can add vde switch connections below -# just without the # at the beginning: -# vde_plug /var/run/vde/sample.sock = vde_plug /var/run/vde/sample2.sock -# or if hosts are different use this syntax: -# vde_plug /var/run/vde/sample.sock = ssh host2 vde_plug /var/run/vde/sample.sock - Copied: vde2/repos/extra-x86_64/vde-connection.sample (from rev 437425, vde2/trunk/vde-connection.sample) =================================================================== --- vde-connection.sample (rev 0) +++ vde-connection.sample 2022-02-15 21:30:50 UTC (rev 437426) @@ -0,0 +1,6 @@ +# You can add vde switch connections below +# just without the # at the beginning: +# vde_plug /var/run/vde/sample.sock = vde_plug /var/run/vde/sample2.sock +# or if hosts are different use this syntax: +# vde_plug /var/run/vde/sample.sock = ssh host2 vde_plug /var/run/vde/sample.sock + Deleted: vde2.install =================================================================== --- vde2.install 2022-02-15 21:30:32 UTC (rev 437425) +++ vde2.install 2022-02-15 21:30:50 UTC (rev 437426) @@ -1,9 +0,0 @@ -post_install() { - echo "vde config files should be placed in /etc/vde, sample files are provided." - echo "iptables and dhcpd sample files have been installed to '/usr/share/vde2'." - echo "Merge those examples, if needed to the according config files." -} - -post_upgrade() { - post_install $1 -} Copied: vde2/repos/extra-x86_64/vde2.install (from rev 437425, vde2/trunk/vde2.install) =================================================================== --- vde2.install (rev 0) +++ vde2.install 2022-02-15 21:30:50 UTC (rev 437426) @@ -0,0 +1,9 @@ +post_install() { + echo "vde config files should be placed in /etc/vde, sample files are provided." + echo "iptables and dhcpd sample files have been installed to '/usr/share/vde2'." + echo "Merge those examples, if needed to the according config files." +} + +post_upgrade() { + post_install $1 +} Deleted: vde_cryptcab-compile-against-openssl-1.1.0.patch =================================================================== --- vde_cryptcab-compile-against-openssl-1.1.0.patch 2022-02-15 21:30:32 UTC (rev 437425) +++ vde_cryptcab-compile-against-openssl-1.1.0.patch 2022-02-15 21:30:50 UTC (rev 437426) @@ -1,92 +0,0 @@ ---- a/src/vde_cryptcab/cryptcab.c 2011-11-23 16:41:17.000000000 +0000 -+++ b/src/vde_cryptcab/cryptcab.c 2017-03-20 22:54:20.452975075 +0000 -@@ -22,7 +22,7 @@ - exit(1); - } - --static EVP_CIPHER_CTX ctx; -+static EVP_CIPHER_CTX *ctx; - static int ctx_initialized = 0; - static int encryption_disabled = 0; - static int nfd; -@@ -30,6 +30,10 @@ - static struct vde_open_args open_args={.port=0,.group=NULL,.mode=0700}; - static int verbose = 0; - -+#if OPENSSL_VERSION_NUMBER < 0x10100000 -+#define EVP_CIPHER_CTX_reset(x) EVP_CIPHER_CTX_cleanup(x) -+#endif -+ - void vc_printlog(int priority, const char *format, ...) - { - va_list arg; -@@ -103,19 +107,21 @@ - } - - if (!ctx_initialized) { -- EVP_CIPHER_CTX_init (&ctx); -+ ctx = EVP_CIPHER_CTX_new (); -+ if (!ctx) -+ return -1; - ctx_initialized = 1; - } - -- EVP_EncryptInit (&ctx, EVP_bf_cbc (), p->key, p->iv); -- if (EVP_EncryptUpdate (&ctx, dst, &olen, src, len) != 1) -+ EVP_EncryptInit (ctx, EVP_bf_cbc (), p->key, p->iv); -+ if (EVP_EncryptUpdate (ctx, dst, &olen, src, len) != 1) - { - fprintf (stderr,"error in encrypt update\n"); - olen = -1; - goto cleanup; - } - -- if (EVP_EncryptFinal (&ctx, dst + olen, &tlen) != 1) -+ if (EVP_EncryptFinal (ctx, dst + olen, &tlen) != 1) - { - fprintf (stderr,"error in encrypt final\n"); - olen = -1; -@@ -124,7 +130,7 @@ - olen += tlen; - - cleanup: -- EVP_CIPHER_CTX_cleanup(&ctx); -+ EVP_CIPHER_CTX_reset(ctx); - return olen; - } - -@@ -138,19 +144,21 @@ - } - - if (!ctx_initialized) { -- EVP_CIPHER_CTX_init (&ctx); -+ ctx = EVP_CIPHER_CTX_new (); -+ if (!ctx) -+ return -1; - ctx_initialized = 1; - } - -- EVP_DecryptInit (&ctx, EVP_bf_cbc (), p->key, p->iv); -- if (EVP_DecryptUpdate (&ctx, dst, &olen, src, len) != 1) -+ EVP_DecryptInit (ctx, EVP_bf_cbc (), p->key, p->iv); -+ if (EVP_DecryptUpdate (ctx, dst, &olen, src, len) != 1) - { - fprintf (stderr,"error in decrypt update\n"); - olen = -1; - goto cleanup; - } - -- if (EVP_DecryptFinal (&ctx, dst + olen, &tlen) != 1) -+ if (EVP_DecryptFinal (ctx, dst + olen, &tlen) != 1) - { - fprintf (stderr,"error in decrypt final\n"); - olen = -1; -@@ -159,7 +167,7 @@ - olen += tlen; - - cleanup: -- EVP_CIPHER_CTX_cleanup(&ctx); -+ EVP_CIPHER_CTX_reset (ctx); - return olen; - } - Copied: vde2/repos/extra-x86_64/vde_cryptcab-compile-against-openssl-1.1.0.patch (from rev 437425, vde2/trunk/vde_cryptcab-compile-against-openssl-1.1.0.patch) =================================================================== --- vde_cryptcab-compile-against-openssl-1.1.0.patch (rev 0) +++ vde_cryptcab-compile-against-openssl-1.1.0.patch 2022-02-15 21:30:50 UTC (rev 437426) @@ -0,0 +1,92 @@ +--- a/src/vde_cryptcab/cryptcab.c 2011-11-23 16:41:17.000000000 +0000 ++++ b/src/vde_cryptcab/cryptcab.c 2017-03-20 22:54:20.452975075 +0000 +@@ -22,7 +22,7 @@ + exit(1); + } + +-static EVP_CIPHER_CTX ctx; ++static EVP_CIPHER_CTX *ctx; + static int ctx_initialized = 0; + static int encryption_disabled = 0; + static int nfd; +@@ -30,6 +30,10 @@ + static struct vde_open_args open_args={.port=0,.group=NULL,.mode=0700}; + static int verbose = 0; + ++#if OPENSSL_VERSION_NUMBER < 0x10100000 ++#define EVP_CIPHER_CTX_reset(x) EVP_CIPHER_CTX_cleanup(x) ++#endif ++ + void vc_printlog(int priority, const char *format, ...) + { + va_list arg; +@@ -103,19 +107,21 @@ + } + + if (!ctx_initialized) { +- EVP_CIPHER_CTX_init (&ctx); ++ ctx = EVP_CIPHER_CTX_new (); ++ if (!ctx) ++ return -1; + ctx_initialized = 1; + } + +- EVP_EncryptInit (&ctx, EVP_bf_cbc (), p->key, p->iv); +- if (EVP_EncryptUpdate (&ctx, dst, &olen, src, len) != 1) ++ EVP_EncryptInit (ctx, EVP_bf_cbc (), p->key, p->iv); ++ if (EVP_EncryptUpdate (ctx, dst, &olen, src, len) != 1) + { + fprintf (stderr,"error in encrypt update\n"); + olen = -1; + goto cleanup; + } + +- if (EVP_EncryptFinal (&ctx, dst + olen, &tlen) != 1) ++ if (EVP_EncryptFinal (ctx, dst + olen, &tlen) != 1) + { + fprintf (stderr,"error in encrypt final\n"); + olen = -1; +@@ -124,7 +130,7 @@ + olen += tlen; + + cleanup: +- EVP_CIPHER_CTX_cleanup(&ctx); ++ EVP_CIPHER_CTX_reset(ctx); + return olen; + } + +@@ -138,19 +144,21 @@ + } + + if (!ctx_initialized) { +- EVP_CIPHER_CTX_init (&ctx); ++ ctx = EVP_CIPHER_CTX_new (); ++ if (!ctx) ++ return -1; + ctx_initialized = 1; + } + +- EVP_DecryptInit (&ctx, EVP_bf_cbc (), p->key, p->iv); +- if (EVP_DecryptUpdate (&ctx, dst, &olen, src, len) != 1) ++ EVP_DecryptInit (ctx, EVP_bf_cbc (), p->key, p->iv); ++ if (EVP_DecryptUpdate (ctx, dst, &olen, src, len) != 1) + { + fprintf (stderr,"error in decrypt update\n"); + olen = -1; + goto cleanup; + } + +- if (EVP_DecryptFinal (&ctx, dst + olen, &tlen) != 1) ++ if (EVP_DecryptFinal (ctx, dst + olen, &tlen) != 1) + { + fprintf (stderr,"error in decrypt final\n"); + olen = -1; +@@ -159,7 +167,7 @@ + olen += tlen; + + cleanup: +- EVP_CIPHER_CTX_cleanup(&ctx); ++ EVP_CIPHER_CTX_reset (ctx); + return olen; + } +