[gentoo-commits] repo/gentoo:master commit in: net-libs/wvstreams/files/ - gentoo-commits

From:	Sam James <sam@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-libs/wvstreams/files/
Date:	Mon, 03 May 2021 18:46:41
Message-Id:	`1620067549.949dc3a4760373cef18aa53f3ba17c1a27215821.sam@gentoo`

1

commit:     949dc3a4760373cef18aa53f3ba17c1a27215821

2

Author:     Sam James <sam <AT> gentoo <DOT> org>

3

AuthorDate: Mon May  3 18:38:00 2021 +0000

4

Commit:     Sam James <sam <AT> gentoo <DOT> org>

5

CommitDate: Mon May  3 18:45:49 2021 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=949dc3a4

7

8

net-libs/wvstreams: drop obsolete LibreSSL patch(es)

9

10

Package-Manager: Portage-3.0.18-prefix, Repoman-3.0.3

11

Signed-off-by: Sam James <sam <AT> gentoo.org>

12

13

 .../files/wvstreams-4.6.1_p14-libressl.patch       | 114 ---------------------

14

 1 file changed, 114 deletions(-)

15

16

diff --git a/net-libs/wvstreams/files/wvstreams-4.6.1_p14-libressl.patch b/net-libs/wvstreams/files/wvstreams-4.6.1_p14-libressl.patch

17

deleted file mode 100644

18

index e897c95bf09..00000000000

19

--- a/net-libs/wvstreams/files/wvstreams-4.6.1_p14-libressl.patch

20

+++ /dev/null

21

@@ -1,114 +0,0 @@

22

-From cb8a81da928054c2e8174d671f2abc88f4f35b87 Mon Sep 17 00:00:00 2001

23

-From: Stefan Strogin <steils@g.o>

24

-Date: Mon, 10 Jun 2019 17:07:06 +0300

25

-Subject: [PATCH] Fix LibreSSL support

26

-

27

----

28

- crypto/wvocsp.cc    | 34 ++++++++++++++++++++++++++++++++++

29

- crypto/wvx509mgr.cc | 14 ++++++++++++++

30

- include/wvdigest.h  |  1 +

31

- 3 files changed, 49 insertions(+)

32

-

33

-diff --git a/crypto/wvocsp.cc b/crypto/wvocsp.cc

34

-index 7d5da072..7a157f90 100644

35

---- a/crypto/wvocsp.cc

36

-+++ b/crypto/wvocsp.cc

37

-@@ -130,6 +130,7 @@ bool WvOCSPResp::signedbycert(const WvX509 &cert) const

38

- }

39

-

40

-

41

-+#ifndef LIBRESSL_VERSION_NUMBER

42

- WvX509 WvOCSPResp::get_signing_cert() const

43

- {

44

-     const STACK_OF(X509) *certs = OCSP_resp_get0_certs(bs);

45

-@@ -143,6 +144,39 @@ WvX509 WvOCSPResp::get_signing_cert() const

46

-

47

-     return WvX509();

48

- }

49

-+#else

50

-+WvX509 WvOCSPResp::get_signing_cert() const

51

-+{

52

-+    if (!bs || !sk_X509_num(bs->certs))

53

-+        return WvX509();

54

-+

55

-+    // note: the following bit of code is taken almost verbatim from

56

-+    // ocsp_vfy.c in OpenSSL 0.9.8. Copyright and attribution should

57

-+    // properly belong to them

58

-+

59

-+    OCSP_RESPID *id = bs->tbsResponseData->responderId;

60

-+

61

-+    if (id->type == V_OCSP_RESPID_NAME)

62

-+    {

63

-+        X509 *x = X509_find_by_subject(bs->certs, id->value.byName);

64

-+        if (x)

65

-+            return WvX509(X509_dup(x));

66

-+    }

67

-+

68

-+    if (id->value.byKey->length != SHA_DIGEST_LENGTH) return NULL;

69

-+    unsigned char tmphash[SHA_DIGEST_LENGTH];

70

-+    unsigned char *keyhash = id->value.byKey->data;

71

-+    for (int i = 0; i < sk_X509_num(bs->certs); i++)

72

-+    {

73

-+        X509 *x = sk_X509_value(bs->certs, i);

74

-+        X509_pubkey_digest(x, EVP_sha1(), tmphash, NULL);

75

-+        if(!memcmp(keyhash, tmphash, SHA_DIGEST_LENGTH))

76

-+            return WvX509(X509_dup(x));

77

-+    }

78

-+

79

-+    return WvX509();

80

-+}

81

-+#endif /* LIBRESSL_VERSION_NUMBER */

82

-

83

-

84

- WvOCSPResp::Status WvOCSPResp::get_status(const WvX509 &cert, 

85

-diff --git a/crypto/wvx509mgr.cc b/crypto/wvx509mgr.cc

86

-index 156d3a49..e2bb3ffe 100644

87

---- a/crypto/wvx509mgr.cc

88

-+++ b/crypto/wvx509mgr.cc

89

-@@ -350,8 +350,15 @@ bool WvX509Mgr::signcert(WvX509 &unsignedcert) const

90

-         return false;

91

-     }

92

-

93

-+#ifndef LIBRESSL_VERSION_NUMBER

94

-     uint32_t ex_flags = X509_get_extension_flags(cert);

95

-     uint32_t ex_kusage = X509_get_key_usage(cert);

96

-+#else

97

-+    X509_check_purpose(cert, -1, -1);

98

-+    uint32_t ex_flags = cert->ex_flags;

99

-+    uint32_t ex_kusage = (cert->ex_flags & EXFLAG_KUSAGE) ?

100

-+                         cert->ex_kusage : UINT32_MAX;

101

-+#endif

102

-     if (cert == unsignedcert.cert)

103

-     {

104

- 	debug("Self Signing!\n");

105

-@@ -392,8 +399,15 @@ bool WvX509Mgr::signcert(WvX509 &unsignedcert) const

106

-

107

- bool WvX509Mgr::signcrl(WvCRL &crl) const

108

- {

109

-+#ifndef LIBRESSL_VERSION_NUMBER

110

-     uint32_t ex_flags = X509_get_extension_flags(cert);

111

-     uint32_t ex_kusage = X509_get_key_usage(cert);

112

-+#else

113

-+    X509_check_purpose(cert, -1, -1);

114

-+    uint32_t ex_flags = cert->ex_flags;

115

-+    uint32_t ex_kusage = (cert->ex_flags & EXFLAG_KUSAGE) ?

116

-+                         cert->ex_kusage : UINT32_MAX;

117

-+#endif

118

-     if (!isok() || !crl.isok())

119

-     {

120

-         debug(WvLog::Warning, "Asked to sign CRL, but certificate or CRL (or "

121

-diff --git a/include/wvdigest.h b/include/wvdigest.h

122

-index f2eed401..e637fb49 100644

123

---- a/include/wvdigest.h

124

-+++ b/include/wvdigest.h

125

-@@ -10,6 +10,7 @@

126

- #include "wvencoder.h"

127

- #include <stdint.h>

128

- #include <openssl/evp.h>

129

-+#include <openssl/hmac.h>

130

-

131

-

132

- /**

133

---

134

-2.21.0

135

-

1	commit: 949dc3a4760373cef18aa53f3ba17c1a27215821
2	Author: Sam James <sam <AT> gentoo <DOT> org>
3	AuthorDate: Mon May 3 18:38:00 2021 +0000
4	Commit: Sam James <sam <AT> gentoo <DOT> org>
5	CommitDate: Mon May 3 18:45:49 2021 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=949dc3a4
7
8	net-libs/wvstreams: drop obsolete LibreSSL patch(es)
9
10	Package-Manager: Portage-3.0.18-prefix, Repoman-3.0.3
11	Signed-off-by: Sam James <sam <AT> gentoo.org>
12
13	.../files/wvstreams-4.6.1_p14-libressl.patch \| 114 ---------------------
14	1 file changed, 114 deletions(-)
15
16	diff --git a/net-libs/wvstreams/files/wvstreams-4.6.1_p14-libressl.patch b/net-libs/wvstreams/files/wvstreams-4.6.1_p14-libressl.patch
17	deleted file mode 100644
18	index e897c95bf09..00000000000
19	--- a/net-libs/wvstreams/files/wvstreams-4.6.1_p14-libressl.patch
20	+++ /dev/null
21	@@ -1,114 +0,0 @@
22	-From cb8a81da928054c2e8174d671f2abc88f4f35b87 Mon Sep 17 00:00:00 2001
23	-From: Stefan Strogin <steils@g.o>
24	-Date: Mon, 10 Jun 2019 17:07:06 +0300
25	-Subject: [PATCH] Fix LibreSSL support
26	-
27	----
28	- crypto/wvocsp.cc \| 34 ++++++++++++++++++++++++++++++++++
29	- crypto/wvx509mgr.cc \| 14 ++++++++++++++
30	- include/wvdigest.h \| 1 +
31	- 3 files changed, 49 insertions(+)
32	-
33	-diff --git a/crypto/wvocsp.cc b/crypto/wvocsp.cc
34	-index 7d5da072..7a157f90 100644
35	---- a/crypto/wvocsp.cc
36	-+++ b/crypto/wvocsp.cc
37	-@@ -130,6 +130,7 @@ bool WvOCSPResp::signedbycert(const WvX509 &cert) const
38	- }
39	-
40	-
41	-+#ifndef LIBRESSL_VERSION_NUMBER
42	- WvX509 WvOCSPResp::get_signing_cert() const
43	- {
44	- const STACK_OF(X509) *certs = OCSP_resp_get0_certs(bs);
45	-@@ -143,6 +144,39 @@ WvX509 WvOCSPResp::get_signing_cert() const
46	-
47	- return WvX509();
48	- }
49	-+#else
50	-+WvX509 WvOCSPResp::get_signing_cert() const
51	-+{
52	-+ if (!bs \|\| !sk_X509_num(bs->certs))
53	-+ return WvX509();
54	-+
55	-+ // note: the following bit of code is taken almost verbatim from
56	-+ // ocsp_vfy.c in OpenSSL 0.9.8. Copyright and attribution should
57	-+ // properly belong to them
58	-+
59	-+ OCSP_RESPID *id = bs->tbsResponseData->responderId;
60	-+
61	-+ if (id->type == V_OCSP_RESPID_NAME)
62	-+ {
63	-+ X509 *x = X509_find_by_subject(bs->certs, id->value.byName);
64	-+ if (x)
65	-+ return WvX509(X509_dup(x));
66	-+ }
67	-+
68	-+ if (id->value.byKey->length != SHA_DIGEST_LENGTH) return NULL;
69	-+ unsigned char tmphash[SHA_DIGEST_LENGTH];
70	-+ unsigned char *keyhash = id->value.byKey->data;
71	-+ for (int i = 0; i < sk_X509_num(bs->certs); i++)
72	-+ {
73	-+ X509 *x = sk_X509_value(bs->certs, i);
74	-+ X509_pubkey_digest(x, EVP_sha1(), tmphash, NULL);
75	-+ if(!memcmp(keyhash, tmphash, SHA_DIGEST_LENGTH))
76	-+ return WvX509(X509_dup(x));
77	-+ }
78	-+
79	-+ return WvX509();
80	-+}
81	-+#endif /* LIBRESSL_VERSION_NUMBER */
82	-
83	-
84	- WvOCSPResp::Status WvOCSPResp::get_status(const WvX509 &cert,
85	-diff --git a/crypto/wvx509mgr.cc b/crypto/wvx509mgr.cc
86	-index 156d3a49..e2bb3ffe 100644
87	---- a/crypto/wvx509mgr.cc
88	-+++ b/crypto/wvx509mgr.cc
89	-@@ -350,8 +350,15 @@ bool WvX509Mgr::signcert(WvX509 &unsignedcert) const
90	- return false;
91	- }
92	-
93	-+#ifndef LIBRESSL_VERSION_NUMBER
94	- uint32_t ex_flags = X509_get_extension_flags(cert);
95	- uint32_t ex_kusage = X509_get_key_usage(cert);
96	-+#else
97	-+ X509_check_purpose(cert, -1, -1);
98	-+ uint32_t ex_flags = cert->ex_flags;
99	-+ uint32_t ex_kusage = (cert->ex_flags & EXFLAG_KUSAGE) ?
100	-+ cert->ex_kusage : UINT32_MAX;
101	-+#endif
102	- if (cert == unsignedcert.cert)
103	- {
104	- debug("Self Signing!\n");
105	-@@ -392,8 +399,15 @@ bool WvX509Mgr::signcert(WvX509 &unsignedcert) const
106	-
107	- bool WvX509Mgr::signcrl(WvCRL &crl) const
108	- {
109	-+#ifndef LIBRESSL_VERSION_NUMBER
110	- uint32_t ex_flags = X509_get_extension_flags(cert);
111	- uint32_t ex_kusage = X509_get_key_usage(cert);
112	-+#else
113	-+ X509_check_purpose(cert, -1, -1);
114	-+ uint32_t ex_flags = cert->ex_flags;
115	-+ uint32_t ex_kusage = (cert->ex_flags & EXFLAG_KUSAGE) ?
116	-+ cert->ex_kusage : UINT32_MAX;
117	-+#endif
118	- if (!isok() \|\| !crl.isok())
119	- {
120	- debug(WvLog::Warning, "Asked to sign CRL, but certificate or CRL (or "
121	-diff --git a/include/wvdigest.h b/include/wvdigest.h
122	-index f2eed401..e637fb49 100644
123	---- a/include/wvdigest.h
124	-+++ b/include/wvdigest.h
125	-@@ -10,6 +10,7 @@
126	- #include "wvencoder.h"
127	- #include <stdint.h>
128	- #include <openssl/evp.h>
129	-+#include <openssl/hmac.h>
130	-
131	-
132	- /**
133	---
134	-2.21.0
135	-

Gentoo Archives: gentoo-commits