1 |
commit: 9f755166990850a2f869b1da92c76283e1708b5d |
2 |
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com> |
3 |
AuthorDate: Thu Nov 3 08:24:42 2016 +0000 |
4 |
Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Nov 3 19:34:50 2016 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9f755166 |
7 |
|
8 |
net-misc/openconnect: Reintroduce libressl USE. |
9 |
|
10 |
Closes: https://github.com/gentoo/gentoo/pull/2727 |
11 |
|
12 |
.../files/openconnect-7.07-libressl.patch | 77 ++++++++++++++++++++++ |
13 |
net-misc/openconnect/openconnect-7.06-r4.ebuild | 8 ++- |
14 |
...nect-9999.ebuild => openconnect-7.07-r3.ebuild} | 16 +++-- |
15 |
net-misc/openconnect/openconnect-9999.ebuild | 12 ++-- |
16 |
4 files changed, 102 insertions(+), 11 deletions(-) |
17 |
|
18 |
diff --git a/net-misc/openconnect/files/openconnect-7.07-libressl.patch b/net-misc/openconnect/files/openconnect-7.07-libressl.patch |
19 |
new file mode 100644 |
20 |
index 00000000..4f9d34b |
21 |
--- /dev/null |
22 |
+++ b/net-misc/openconnect/files/openconnect-7.07-libressl.patch |
23 |
@@ -0,0 +1,77 @@ |
24 |
+From d4a8afc2e8693628f2de554e717458e08bcc2fcf Mon Sep 17 00:00:00 2001 |
25 |
+From: Aric Belsito <lluixhi@×××××.com> |
26 |
+Date: Thu, 3 Nov 2016 11:37:23 -0700 |
27 |
+Subject: [PATCH] Fix LibreSSL Build. |
28 |
+ |
29 |
+From Voidlinux: |
30 |
+ |
31 |
+From d51ab5615e11af4a2c160b2b8240e5d9f3c15422 Mon Sep 17 00:00:00 2001 |
32 |
+From: Duncaen <duncaen@×××××××××.eu> |
33 |
+Date: Wed, 13 Jul 2016 15:21:16 +0200 |
34 |
+Subject: [PATCH] openconnect: update to 7.07. |
35 |
+--- |
36 |
+ openssl-esp.c | 4 ++-- |
37 |
+ openssl.c | 8 ++++---- |
38 |
+ 2 files changed, 6 insertions(+), 6 deletions(-) |
39 |
+ |
40 |
+diff --git a/openssl-esp.c b/openssl-esp.c |
41 |
+index 2c1aa49..bd4dce3 100644 |
42 |
+--- a/openssl-esp.c |
43 |
++++ b/openssl-esp.c |
44 |
+@@ -27,7 +27,7 @@ |
45 |
+ #include <openssl/evp.h> |
46 |
+ #include <openssl/rand.h> |
47 |
+ |
48 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
49 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
50 |
+ |
51 |
+ #define EVP_CIPHER_CTX_free(c) do { \ |
52 |
+ EVP_CIPHER_CTX_cleanup(c); \ |
53 |
+@@ -85,7 +85,7 @@ static int init_esp_ciphers(struct openconnect_info *vpninfo, struct esp *esp, |
54 |
+ } |
55 |
+ EVP_CIPHER_CTX_set_padding(esp->cipher, 0); |
56 |
+ |
57 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
58 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
59 |
+ esp->hmac = malloc(sizeof(*esp->hmac)); |
60 |
+ esp->pkt_hmac = malloc(sizeof(*esp->pkt_hmac)); |
61 |
+ if (!esp->hmac || &esp->pkt_hmac) { |
62 |
+diff --git a/openssl.c b/openssl.c |
63 |
+index 785fd2a..6007cef 100644 |
64 |
+--- a/openssl.c |
65 |
++++ b/openssl.c |
66 |
+@@ -36,11 +36,11 @@ |
67 |
+ #include <openssl/ui.h> |
68 |
+ #include <openssl/rsa.h> |
69 |
+ |
70 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
71 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
72 |
+ #define X509_up_ref(x) CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_X509) |
73 |
+ #endif |
74 |
+ |
75 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
76 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
77 |
+ #define EVP_MD_CTX_new EVP_MD_CTX_create |
78 |
+ #define EVP_MD_CTX_free EVP_MD_CTX_destroy |
79 |
+ #define X509_STORE_CTX_get0_chain(ctx) ((ctx)->chain) |
80 |
+@@ -991,7 +991,7 @@ static int set_peer_cert_hash(struct openconnect_info *vpninfo) |
81 |
+ return 0; |
82 |
+ } |
83 |
+ |
84 |
+-#if OPENSSL_VERSION_NUMBER < 0x10002000L |
85 |
++#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) |
86 |
+ static int match_hostname_elem(const char *hostname, int helem_len, |
87 |
+ const char *match, int melem_len) |
88 |
+ { |
89 |
+@@ -1653,7 +1653,7 @@ int openconnect_open_https(struct openconnect_info *vpninfo) |
90 |
+ * 4fcdd66fff5fea0cfa1055c6680a76a4303f28a2 |
91 |
+ * cd6bd5ffda616822b52104fee0c4c7d623fd4f53 |
92 |
+ */ |
93 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10001070 |
94 |
++#if OPENSSL_VERSION_NUMBER >= 0x10001070 || defined(LIBRESSL_VERSION_NUMBER) |
95 |
+ if (string_is_hostname(vpninfo->hostname)) |
96 |
+ SSL_set_tlsext_host_name(https_ssl, vpninfo->hostname); |
97 |
+ #endif |
98 |
+-- |
99 |
+2.10.2 |
100 |
+ |
101 |
|
102 |
diff --git a/net-misc/openconnect/openconnect-7.06-r4.ebuild b/net-misc/openconnect/openconnect-7.06-r4.ebuild |
103 |
index c2727fa..101a611 100644 |
104 |
--- a/net-misc/openconnect/openconnect-7.06-r4.ebuild |
105 |
+++ b/net-misc/openconnect/openconnect-7.06-r4.ebuild |
106 |
@@ -18,7 +18,7 @@ SRC_URI="ftp://ftp.infradead.org/pub/${PN}/${P}.tar.gz |
107 |
LICENSE="LGPL-2.1 GPL-2" |
108 |
SLOT="0/5" |
109 |
KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86" |
110 |
-IUSE="doc +gnutls gssapi java libproxy nls smartcard static-libs stoken" |
111 |
+IUSE="doc +gnutls gssapi java libproxy libressl nls smartcard static-libs stoken" |
112 |
ILINGUAS="ar cs de el en_GB en_US es eu fi fr gl id lt nl pa pl pt pt_BR sk sl tg ug uk zh_CN zh_TW" |
113 |
for lang in $ILINGUAS; do |
114 |
IUSE="${IUSE} linguas_${lang}" |
115 |
@@ -27,11 +27,13 @@ done |
116 |
DEPEND="dev-libs/libxml2 |
117 |
sys-libs/zlib |
118 |
!gnutls? ( |
119 |
- >=dev-libs/openssl-1.0.1h:0[static-libs?] |
120 |
+ !libressl? ( >=dev-libs/openssl-1.0.1h:0=[static-libs?] ) |
121 |
+ libressl? ( dev-libs/libressl:0=[static-libs?] ) |
122 |
) |
123 |
gnutls? ( |
124 |
- >=net-libs/gnutls-3:0=[static-libs?] dev-libs/nettle |
125 |
app-misc/ca-certificates |
126 |
+ dev-libs/nettle |
127 |
+ >=net-libs/gnutls-3:0=[static-libs?] |
128 |
) |
129 |
gssapi? ( virtual/krb5 ) |
130 |
libproxy? ( net-libs/libproxy ) |
131 |
|
132 |
diff --git a/net-misc/openconnect/openconnect-9999.ebuild b/net-misc/openconnect/openconnect-7.07-r3.ebuild |
133 |
similarity index 90% |
134 |
copy from net-misc/openconnect/openconnect-9999.ebuild |
135 |
copy to net-misc/openconnect/openconnect-7.07-r3.ebuild |
136 |
index 4abd3db..b7ffa4e 100644 |
137 |
--- a/net-misc/openconnect/openconnect-9999.ebuild |
138 |
+++ b/net-misc/openconnect/openconnect-7.07-r3.ebuild |
139 |
@@ -25,16 +25,19 @@ HOMEPAGE="http://www.infradead.org/openconnect.html" |
140 |
|
141 |
LICENSE="LGPL-2.1 GPL-2" |
142 |
SLOT="0/5" |
143 |
-IUSE="doc +gnutls gssapi java libproxy lz4 nls smartcard static-libs stoken" |
144 |
+IUSE="doc +gnutls gssapi java libproxy libressl lz4 nls smartcard static-libs stoken" |
145 |
|
146 |
-DEPEND="dev-libs/libxml2 |
147 |
+DEPEND=" |
148 |
+ dev-libs/libxml2 |
149 |
sys-libs/zlib |
150 |
!gnutls? ( |
151 |
- >=dev-libs/openssl-1.0.1h:0[static-libs?] |
152 |
+ !libressl? ( >=dev-libs/openssl-1.0.1h:0=[static-libs?] ) |
153 |
+ libressl? ( dev-libs/libressl:0=[static-libs?] ) |
154 |
) |
155 |
gnutls? ( |
156 |
- >=net-libs/gnutls-3:0=[static-libs?] dev-libs/nettle |
157 |
app-misc/ca-certificates |
158 |
+ dev-libs/nettle |
159 |
+ >=net-libs/gnutls-3:0=[static-libs?] |
160 |
) |
161 |
gssapi? ( virtual/krb5 ) |
162 |
libproxy? ( net-libs/libproxy ) |
163 |
@@ -53,6 +56,11 @@ DEPEND="${DEPEND} |
164 |
|
165 |
CONFIG_CHECK="~TUN" |
166 |
|
167 |
+PATCHES=( |
168 |
+ "${FILESDIR}"/${P}-mimic-pulse-client.patch |
169 |
+ "${FILESDIR}"/${P}-libressl.patch |
170 |
+) |
171 |
+ |
172 |
pkg_pretend() { |
173 |
check_extra_config |
174 |
} |
175 |
|
176 |
diff --git a/net-misc/openconnect/openconnect-9999.ebuild b/net-misc/openconnect/openconnect-9999.ebuild |
177 |
index 4abd3db..7e5fb54 100644 |
178 |
--- a/net-misc/openconnect/openconnect-9999.ebuild |
179 |
+++ b/net-misc/openconnect/openconnect-9999.ebuild |
180 |
@@ -25,16 +25,19 @@ HOMEPAGE="http://www.infradead.org/openconnect.html" |
181 |
|
182 |
LICENSE="LGPL-2.1 GPL-2" |
183 |
SLOT="0/5" |
184 |
-IUSE="doc +gnutls gssapi java libproxy lz4 nls smartcard static-libs stoken" |
185 |
+IUSE="doc +gnutls gssapi java libproxy libressl lz4 nls smartcard static-libs stoken" |
186 |
|
187 |
-DEPEND="dev-libs/libxml2 |
188 |
+DEPEND=" |
189 |
+ dev-libs/libxml2 |
190 |
sys-libs/zlib |
191 |
!gnutls? ( |
192 |
- >=dev-libs/openssl-1.0.1h:0[static-libs?] |
193 |
+ !libressl? ( >=dev-libs/openssl-1.0.1h:0=[static-libs?] ) |
194 |
+ libressl? ( dev-libs/libressl:0=[static-libs?] ) |
195 |
) |
196 |
gnutls? ( |
197 |
- >=net-libs/gnutls-3:0=[static-libs?] dev-libs/nettle |
198 |
app-misc/ca-certificates |
199 |
+ dev-libs/nettle |
200 |
+ >=net-libs/gnutls-3:0=[static-libs?] |
201 |
) |
202 |
gssapi? ( virtual/krb5 ) |
203 |
libproxy? ( net-libs/libproxy ) |
204 |
@@ -91,6 +94,7 @@ src_configure() { |
205 |
# liboath not in portage |
206 |
econf \ |
207 |
--with-vpnc-script="${EPREFIX}/etc/openconnect/openconnect.sh" \ |
208 |
+ --without-openssl-version-check \ |
209 |
$(use_enable static-libs static) \ |
210 |
$(use_enable nls ) \ |
211 |
$(use_with !gnutls openssl) \ |