1 |
commit: 98e54164b037b4503834159711595bfa4eb4d76c |
2 |
Author: Stefan Strogin <stefan.strogin <AT> gmail <DOT> com> |
3 |
AuthorDate: Thu Nov 1 15:31:53 2018 +0000 |
4 |
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Nov 3 08:17:24 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=98e54164 |
7 |
|
8 |
media-libs/opusfile: add LibreSSL support |
9 |
|
10 |
Closes: https://bugs.gentoo.org/588768 |
11 |
Package-Manager: Portage-2.3.51, Repoman-2.3.11 |
12 |
Signed-off-by: Stefan Strogin <stefan.strogin <AT> gmail.com> |
13 |
Closes: https://github.com/gentoo/gentoo/pull/9979 |
14 |
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> |
15 |
|
16 |
.../opusfile/files/opusfile-0.11-libressl.patch | 142 +++++++++++++++++++++ |
17 |
media-libs/opusfile/opusfile-0.11.ebuild | 4 +- |
18 |
2 files changed, 145 insertions(+), 1 deletion(-) |
19 |
|
20 |
diff --git a/media-libs/opusfile/files/opusfile-0.11-libressl.patch b/media-libs/opusfile/files/opusfile-0.11-libressl.patch |
21 |
new file mode 100644 |
22 |
index 00000000000..72d807623a8 |
23 |
--- /dev/null |
24 |
+++ b/media-libs/opusfile/files/opusfile-0.11-libressl.patch |
25 |
@@ -0,0 +1,142 @@ |
26 |
+From 27ab318babb96e10a9f007b7c7936fd42425f488 Mon Sep 17 00:00:00 2001 |
27 |
+From: Stefan Strogin <stefan.strogin@×××××.com> |
28 |
+Date: Thu, 27 Sep 2018 04:53:29 +0300 |
29 |
+Subject: [PATCH] http: fix compilation with LibreSSL |
30 |
+ |
31 |
+LibreSSL defines OPENSSL_VERSION_NUMBER to 0x20000000L, but its API is |
32 |
+compatible with OpenSSL 1.0.1. |
33 |
+Therefore redefine OPENSSL_VERSION_NUMBER to 0x1000115fL (1.0.1u) if |
34 |
+LibreSSL is used. |
35 |
+ |
36 |
+Fixes: #2327 |
37 |
+ |
38 |
+http: use new API with LibreSSL >=2.7.0 |
39 |
+ |
40 |
+LibreSSL is not yet fully API compatible with OpenSSL 1.0.2 and later, |
41 |
+However many APIs from OpenSSL 1.0.2 and 1.1 are already implemented in |
42 |
+LibreSSL 2.7.0 and later. Old approach works in newer LibreSSL version |
43 |
+as well, but it's not nice to force deprecated functions on LibreSSL |
44 |
+users. |
45 |
+ |
46 |
+Add additional conditionals for new LibreSSL versions to use the |
47 |
+available new APIs. |
48 |
+--- |
49 |
+ src/http.c | 27 ++++++++++++++++----------- |
50 |
+ 1 file changed, 16 insertions(+), 11 deletions(-) |
51 |
+ |
52 |
+diff --git a/src/http.c b/src/http.c |
53 |
+index 8ba9b28..a47648f 100644 |
54 |
+--- a/src/http.c |
55 |
++++ b/src/http.c |
56 |
+@@ -358,6 +358,11 @@ typedef int op_sock; |
57 |
+ # include <sys/timeb.h> |
58 |
+ # include <openssl/x509v3.h> |
59 |
+ |
60 |
++# if (defined(LIBRESSL_VERSION_NUMBER)&&OPENSSL_VERSION_NUMBER==0x20000000L) |
61 |
++# undef OPENSSL_VERSION_NUMBER |
62 |
++# define OPENSSL_VERSION_NUMBER 0x1000115fL |
63 |
++# endif |
64 |
++ |
65 |
+ /*The maximum number of simultaneous connections. |
66 |
+ RFC 2616 says this SHOULD NOT be more than 2, but everyone on the modern web |
67 |
+ ignores that (e.g., IE 8 bumped theirs up from 2 to 6, Firefox uses 15). |
68 |
+@@ -1530,7 +1535,7 @@ static long op_bio_retry_ctrl(BIO *_b,int _cmd,long _num,void *_ptr){ |
69 |
+ return ret; |
70 |
+ } |
71 |
+ |
72 |
+-# if OPENSSL_VERSION_NUMBER<0x10100000L |
73 |
++# if (OPENSSL_VERSION_NUMBER<0x10100000L&&LIBRESSL_VERSION_NUMBER<0x2070000fL) |
74 |
+ # define BIO_set_data(_b,_ptr) ((_b)->ptr=(_ptr)) |
75 |
+ # define BIO_set_init(_b,_init) ((_b)->init=(_init)) |
76 |
+ # define ASN1_STRING_get0_data ASN1_STRING_data |
77 |
+@@ -1538,7 +1543,7 @@ static long op_bio_retry_ctrl(BIO *_b,int _cmd,long _num,void *_ptr){ |
78 |
+ |
79 |
+ static int op_bio_retry_new(BIO *_b){ |
80 |
+ BIO_set_init(_b,1); |
81 |
+-# if OPENSSL_VERSION_NUMBER<0x10100000L |
82 |
++# if (OPENSSL_VERSION_NUMBER<0x10100000L&&LIBRESSL_VERSION_NUMBER<0x2070000fL) |
83 |
+ _b->num=0; |
84 |
+ # endif |
85 |
+ BIO_set_data(_b,NULL); |
86 |
+@@ -1549,7 +1554,7 @@ static int op_bio_retry_free(BIO *_b){ |
87 |
+ return _b!=NULL; |
88 |
+ } |
89 |
+ |
90 |
+-# if OPENSSL_VERSION_NUMBER<0x10100000L |
91 |
++# if (OPENSSL_VERSION_NUMBER<0x10100000L&&LIBRESSL_VERSION_NUMBER<0x2070000fL) |
92 |
+ /*This is not const because OpenSSL doesn't allow it, even though it won't |
93 |
+ write to it.*/ |
94 |
+ static BIO_METHOD op_bio_retry_method={ |
95 |
+@@ -1570,7 +1575,7 @@ static BIO_METHOD op_bio_retry_method={ |
96 |
+ proxying https URL requests.*/ |
97 |
+ static int op_http_conn_establish_tunnel(OpusHTTPStream *_stream, |
98 |
+ OpusHTTPConn *_conn,op_sock _fd,SSL *_ssl_conn,BIO *_ssl_bio){ |
99 |
+-# if OPENSSL_VERSION_NUMBER>=0x10100000L |
100 |
++# if (OPENSSL_VERSION_NUMBER>=0x10100000L||LIBRESSL_VERSION_NUMBER>=0x2070000fL) |
101 |
+ BIO_METHOD *bio_retry_method; |
102 |
+ # endif |
103 |
+ BIO *retry_bio; |
104 |
+@@ -1583,7 +1588,7 @@ static int op_http_conn_establish_tunnel(OpusHTTPStream *_stream, |
105 |
+ ret=op_http_conn_write_fully(_conn, |
106 |
+ _stream->proxy_connect.buf,_stream->proxy_connect.nbuf); |
107 |
+ if(OP_UNLIKELY(ret<0))return ret; |
108 |
+-# if OPENSSL_VERSION_NUMBER>=0x10100000L |
109 |
++# if (OPENSSL_VERSION_NUMBER>=0x10100000L||LIBRESSL_VERSION_NUMBER>=0x2070000fL) |
110 |
+ bio_retry_method=BIO_meth_new(BIO_TYPE_NULL,"retry"); |
111 |
+ if(bio_retry_method==NULL)return OP_EFAULT; |
112 |
+ BIO_meth_set_write(bio_retry_method,op_bio_retry_write); |
113 |
+@@ -1606,7 +1611,7 @@ static int op_http_conn_establish_tunnel(OpusHTTPStream *_stream, |
114 |
+ /*This shouldn't succeed, since we can't read yet.*/ |
115 |
+ OP_ALWAYS_TRUE(SSL_connect(_ssl_conn)<0); |
116 |
+ SSL_set_bio(_ssl_conn,_ssl_bio,_ssl_bio); |
117 |
+-# if OPENSSL_VERSION_NUMBER>=0x10100000L |
118 |
++# if (OPENSSL_VERSION_NUMBER>=0x10100000L||LIBRESSL_VERSION_NUMBER>=0x2070000fL) |
119 |
+ BIO_meth_free(bio_retry_method); |
120 |
+ # endif |
121 |
+ /*Only now do we disable write coalescing, to allow the CONNECT |
122 |
+@@ -1635,7 +1640,7 @@ static struct addrinfo *op_inet_pton(const char *_host){ |
123 |
+ return NULL; |
124 |
+ } |
125 |
+ |
126 |
+-# if OPENSSL_VERSION_NUMBER<0x10002000L |
127 |
++# if (OPENSSL_VERSION_NUMBER<0x10002000L&&LIBRESSL_VERSION_NUMBER<0x2070000fL) |
128 |
+ /*Match a host name against a host with a possible wildcard pattern according |
129 |
+ to the rules of RFC 6125 Section 6.4.3. |
130 |
+ Return: 0 if the pattern doesn't match, and a non-zero value if it does.*/ |
131 |
+@@ -1893,7 +1898,7 @@ static int op_http_conn_start_tls(OpusHTTPStream *_stream,OpusHTTPConn *_conn, |
132 |
+ SSL_set_tlsext_host_name(_ssl_conn,_stream->url.host); |
133 |
+ # endif |
134 |
+ skip_certificate_check=_stream->skip_certificate_check; |
135 |
+-# if OPENSSL_VERSION_NUMBER>=0x10002000L |
136 |
++# if (OPENSSL_VERSION_NUMBER>=0x10002000L||LIBRESSL_VERSION_NUMBER>=0x2070000fL) |
137 |
+ /*As of version 1.0.2, OpenSSL can finally do hostname checks automatically. |
138 |
+ Of course, they make it much more complicated than it needs to be.*/ |
139 |
+ if(!skip_certificate_check){ |
140 |
+@@ -1956,13 +1961,13 @@ static int op_http_conn_start_tls(OpusHTTPStream *_stream,OpusHTTPConn *_conn, |
141 |
+ if(OP_UNLIKELY(ret<=0))return OP_FALSE; |
142 |
+ ssl_session=_stream->ssl_session; |
143 |
+ if(ssl_session==NULL |
144 |
+-# if OPENSSL_VERSION_NUMBER<0x10002000L |
145 |
++# if (OPENSSL_VERSION_NUMBER<0x10002000L&&LIBRESSL_VERSION_NUMBER<0x2070000fL) |
146 |
+ ||!skip_certificate_check |
147 |
+ # endif |
148 |
+ ){ |
149 |
+ ret=op_do_ssl_step(_ssl_conn,_fd,SSL_do_handshake); |
150 |
+ if(OP_UNLIKELY(ret<=0))return OP_FALSE; |
151 |
+-# if OPENSSL_VERSION_NUMBER<0x10002000L |
152 |
++# if (OPENSSL_VERSION_NUMBER<0x10002000L&&LIBRESSL_VERSION_NUMBER<0x2070000fL) |
153 |
+ /*OpenSSL before version 1.0.2 does not do automatic hostname verification, |
154 |
+ despite the fact that we just passed it the hostname above in the call |
155 |
+ to SSL_set_tlsext_host_name(). |
156 |
+@@ -2314,7 +2319,7 @@ static int op_http_stream_open(OpusHTTPStream *_stream,const char *_url, |
157 |
+ /*Initialize the SSL library if necessary.*/ |
158 |
+ if(OP_URL_IS_SSL(&_stream->url)&&_stream->ssl_ctx==NULL){ |
159 |
+ SSL_CTX *ssl_ctx; |
160 |
+-# if OPENSSL_VERSION_NUMBER<0x10100000L |
161 |
++# if (OPENSSL_VERSION_NUMBER<0x10100000L&&LIBRESSL_VERSION_NUMBER<0x2070000fL) |
162 |
+ # if !defined(OPENSSL_NO_LOCKING) |
163 |
+ /*The documentation says SSL_library_init() is not reentrant. |
164 |
+ We don't want to add our own depenencies on a threading library, and it |
165 |
+-- |
166 |
+2.19.1 |
167 |
+ |
168 |
|
169 |
diff --git a/media-libs/opusfile/opusfile-0.11.ebuild b/media-libs/opusfile/opusfile-0.11.ebuild |
170 |
index bff77dbcf7e..92e3dbb30f6 100644 |
171 |
--- a/media-libs/opusfile/opusfile-0.11.ebuild |
172 |
+++ b/media-libs/opusfile/opusfile-0.11.ebuild |
173 |
@@ -16,7 +16,7 @@ RDEPEND="media-libs/libogg |
174 |
media-libs/opus |
175 |
http? ( |
176 |
!libressl? ( dev-libs/openssl:0= ) |
177 |
- libressl? ( dev-libs/libressl:= ) |
178 |
+ libressl? ( dev-libs/libressl:0= ) |
179 |
)" |
180 |
|
181 |
DEPEND="${RDEPEND} |
182 |
@@ -24,6 +24,8 @@ DEPEND="${RDEPEND} |
183 |
|
184 |
REQUIRED_USE="^^ ( fixed-point float )" |
185 |
|
186 |
+PATCHES=( "${FILESDIR}/opusfile-0.11-libressl.patch" ) |
187 |
+ |
188 |
src_configure() { |
189 |
local myeconfargs=( |
190 |
--docdir="${EPREFIX}/usr/share/doc/${PF}" |