
From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/stunnel/files/, net-misc/stunnel/
Date: Sat, 28 Jan 2017 13:23:07
Message-Id: 1485609756.ed175c5284d66d77c891808de3239f187ee636f4.blueness@gentoo
1 commit: ed175c5284d66d77c891808de3239f187ee636f4
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Sat Jan 28 13:22:36 2017 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Sat Jan 28 13:22:36 2017 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ed175c52
7
8 net-misc/stunnel: fix build on libressl, bug #584298
9
10 Package-Manager: portage-2.3.3
11
12 .../files/stunnel-5.39-compat-libressl.patch | 132 +++++++++++++++++++++
13 net-misc/stunnel/stunnel-5.39.ebuild | 2 +-
14 2 files changed, 133 insertions(+), 1 deletion(-)
15
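--- /dev/null
+++ b/net-misc/stunnel/files/stunnel-5.39-compat-libressl.patch
@@ -0,0 +1,132 @@
+diff -Naur stunnel-5.30.orig/src/ctx.c stunnel-5.30/src/ctx.c
+--- stunnel-5.30.orig/src/ctx.c 2016-01-15 16:45:23.000000000 +0000
++++ stunnel-5.30/src/ctx.c 2016-05-14 15:16:47.392859450 +0000
+@@ -359,7 +359,7 @@
+ /**************************************** initialize OpenSSL CONF */
+
+ NOEXPORT int conf_init(SERVICE_OPTIONS *section) {
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ SSL_CONF_CTX *cctx;
+ NAME_LIST *curr;
+ char *cmd, *param;
+diff -Naur stunnel-5.30.orig/src/verify.c stunnel-5.30/src/verify.c
+--- stunnel-5.30.orig/src/verify.c 2016-01-15 16:45:23.000000000 +0000
++++ stunnel-5.30/src/verify.c 2016-05-14 15:16:10.369860180 +0000
+@@ -51,7 +51,7 @@
+ NOEXPORT int verify_callback(int, X509_STORE_CTX *);
+ NOEXPORT int verify_checks(CLI *, int, X509_STORE_CTX *);
+ NOEXPORT int cert_check(CLI *, X509_STORE_CTX *, int);
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ NOEXPORT int cert_check_subject(CLI *, X509_STORE_CTX *);
+ #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
+ NOEXPORT int cert_check_local(X509_STORE_CTX *);
+@@ -280,7 +280,7 @@
+ }
+
+ if(depth==0) { /* additional peer certificate checks */
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ if(!cert_check_subject(c, callback_ctx))
+ return 0; /* reject */
+ #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
+@@ -291,7 +291,7 @@
+ return 1; /* accept */
+ }
+
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ NOEXPORT int cert_check_subject(CLI *c, X509_STORE_CTX *callback_ctx) {
+ X509 *cert=X509_STORE_CTX_get_current_cert(callback_ctx);
+ NAME_LIST *ptr;
+diff --git a/src/common.h b/src/common.h
+index 93f165e..491d9de 100644
+--- a/src/common.h
++++ b/src/common.h
+@@ -448,7 +448,7 @@ extern char *sys_errlist[];
+ #define OPENSSL_NO_TLS1_2
+ #endif /* OpenSSL older than 1.0.1 || defined(OPENSSL_NO_TLS1) */
+
+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ #ifndef OPENSSL_NO_SSL2
+ #define OPENSSL_NO_SSL2
+ #endif /* !defined(OPENSSL_NO_SSL2) */
+@@ -474,7 +474,7 @@ extern char *sys_errlist[];
+ #include <openssl/des.h>
+ #ifndef OPENSSL_NO_DH
+ #include <openssl/dh.h>
+-#if OPENSSL_VERSION_NUMBER<0x10100000L
++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ #endif /* OpenSSL older than 1.1.0 */
+ #endif /* !defined(OPENSSL_NO_DH) */
+diff --git a/src/prototypes.h b/src/prototypes.h
+index 303ff77..ae22598 100644
+--- a/src/prototypes.h
++++ b/src/prototypes.h
+@@ -664,13 +664,13 @@ typedef enum {
+ #endif /* OPENSSL_NO_DH */
+ STUNNEL_LOCKS /* number of locks */
+ } LOCK_TYPE;
+-#if OPENSSL_VERSION_NUMBER < 0x10100004L
++#if OPENSSL_VERSION_NUMBER < 0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
+ typedef int STUNNEL_RWLOCK;
+ #else
+ typedef CRYPTO_RWLOCK *STUNNEL_RWLOCK;
+ #endif
+ extern STUNNEL_RWLOCK stunnel_locks[STUNNEL_LOCKS];
+-#if OPENSSL_VERSION_NUMBER>=0x10100004L
++#if OPENSSL_VERSION_NUMBER>=0x10100004L && !defined(LIBRESSL_VERSION_NUMBER)
+ #define CRYPTO_THREAD_read_unlock(type) CRYPTO_THREAD_unlock(type)
+ #define CRYPTO_THREAD_write_unlock(type) CRYPTO_THREAD_unlock(type)
+ #else
+diff --git a/src/ssl.c b/src/ssl.c
+index a7af7e6..1483734 100644
+--- a/src/ssl.c
++++ b/src/ssl.c
+@@ -50,7 +50,7 @@ NOEXPORT int add_rand_file(GLOBAL_OPTIONS *, const char *);
+ int index_cli, index_opt, index_redirect, index_addr;
+
+ int ssl_init(void) { /* init TLS before parsing configuration file */
+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS |
+ OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
+ #else
+@@ -83,7 +83,7 @@ int ssl_init(void) { /* init TLS before parsing configuration file */
+ }
+
+ #ifndef OPENSSL_NO_DH
+-#if OPENSSL_VERSION_NUMBER<0x10100000L
++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ /* this is needed for dhparam.c generated with OpenSSL >= 1.1.0
+ * to be linked against the older versions */
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
+diff --git a/src/sthreads.c b/src/sthreads.c
+index 59c24a2..04fb256 100644
+--- a/src/sthreads.c
++++ b/src/sthreads.c
+@@ -47,7 +47,7 @@
+ STUNNEL_RWLOCK stunnel_locks[STUNNEL_LOCKS];
+ #endif
+
+-#if OPENSSL_VERSION_NUMBER<0x10100004L
++#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
+ #define CRYPTO_THREAD_lock_new() CRYPTO_get_new_dynlockid()
+ #endif
+
+diff --git a/src/verify.c b/src/verify.c
+index ac1c3ee..3e3bda4 100644
+--- a/src/verify.c
++++ b/src/verify.c
+@@ -348,7 +348,7 @@ NOEXPORT int cert_check_local(X509_STORE_CTX *callback_ctx) {
+ cert=X509_STORE_CTX_get_current_cert(callback_ctx);
+ subject=X509_get_subject_name(cert);
+
+-#if OPENSSL_VERSION_NUMBER>=0x10000000L
++#if OPENSSL_VERSION_NUMBER>=0x10000000L && !defined(LIBRESSL_VERSION_NUMBER)
+ #if OPENSSL_VERSION_NUMBER<0x10100006L
+ #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs
+ #endif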
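Review bot: In the `src/verify.c` hunk at `@@ -280,7 +280,7 @@`, adding `&& !defined(LIBRESSL_VERSION_NUMBER)` compiles the depth-0 `cert_check_subject(c, callback_ctx)` call out of LibreSSL builds, so the peer-subject check is skipped there instead of failing closed. Option parsing is not part of this patch; if a LibreSSL build still accepts the `checkHost`/`checkEmail`/`checkIP` settings (not visible here, to be confirmed in the option-parsing code), a configuration that relies on them would load cleanly and never be enforced. I would either guard those options with the same condition so they are rejected at configuration time, or document the gap in the ebuild next to `# libressl compat`. The trailing `#endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */` comments in that file are now stale and should name the LibreSSL condition too. The enclosing functions begin and end outside the hunks shown.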
155 diff --git a/net-misc/stunnel/stunnel-5.39.ebuild b/net-misc/stunnel/stunnel-5.39.ebuild
156 index 4275ec9..b1e4715 100644
157 --- a/net-misc/stunnel/stunnel-5.39.ebuild
158 +++ b/net-misc/stunnel/stunnel-5.39.ebuild
159 @@ -41,7 +41,7 @@ src_prepare() {
160 tools/Makefile.in || die "sed failed"
161
162 # libressl compat
163 - eapply "${FILESDIR}"/stunnel-compat-libressl.patch
164 + eapply "${FILESDIR}"/${P}-compat-libressl.patch
165
166 echo "CONFIG_PROTECT=\"/etc/stunnel/stunnel.conf\"" > "${T}"/20stunnel