1 |
commit: e875040ac623c2937f6d2a6592e57494ba0d07ad |
2 |
Author: Sam James <sam <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Jun 30 19:20:37 2022 +0000 |
4 |
Commit: Sam James <sam <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Jun 30 19:32:44 2022 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e875040a |
7 |
|
8 |
dev-libs/openssl: backport test fix for 1.1.1p |
9 |
|
10 |
Signed-off-by: Sam James <sam <AT> gentoo.org> |
11 |
|
12 |
.../files/openssl-1.1.1p-fix-test-build.patch | 46 ++++++++++++++++++++++ |
13 |
dev-libs/openssl/openssl-1.1.1p.ebuild | 3 +- |
14 |
profiles/package.mask | 4 +- |
15 |
3 files changed, 49 insertions(+), 4 deletions(-) |
16 |
|
17 |
diff --git a/dev-libs/openssl/files/openssl-1.1.1p-fix-test-build.patch b/dev-libs/openssl/files/openssl-1.1.1p-fix-test-build.patch |
18 |
new file mode 100644 |
19 |
index 000000000000..f96e54f3127e |
20 |
--- /dev/null |
21 |
+++ b/dev-libs/openssl/files/openssl-1.1.1p-fix-test-build.patch |
22 |
@@ -0,0 +1,46 @@ |
23 |
+https://github.com/openssl/openssl/issues/18619 |
24 |
+https://github.com/openssl/openssl/pull/18634 |
25 |
+https://github.com/openssl/openssl/commit/665ab12ed3f0d78e7cb6a55cdd2b83a2fe150232 |
26 |
+ |
27 |
+From 665ab12ed3f0d78e7cb6a55cdd2b83a2fe150232 Mon Sep 17 00:00:00 2001 |
28 |
+From: Bernd Edlinger <bernd.edlinger@×××××××.de> |
29 |
+Date: Fri, 17 Jun 2022 10:25:24 +0200 |
30 |
+Subject: [PATCH] Fix compile issues in test/v3ext.c with no-rfc3779 |
31 |
+ |
32 |
+There are no ASIdentifiers if OPENSSL_NO_RFC3779 is defined, |
33 |
+therefore the test cannot be compiled. |
34 |
+ |
35 |
+Reviewed-by: Matt Caswell <matt@×××××××.org> |
36 |
+Reviewed-by: Tomas Mraz <tomas@×××××××.org> |
37 |
+Reviewed-by: Paul Dale <pauli@×××××××.org> |
38 |
+(Merged from https://github.com/openssl/openssl/pull/18634) |
39 |
+ |
40 |
+(cherry picked from commit b76efe61ea9710a8f69e1cb8caf1aeb2ba6f1ebe) |
41 |
+--- a/test/v3ext.c |
42 |
++++ b/test/v3ext.c |
43 |
+@@ -37,6 +37,7 @@ static int test_pathlen(void) |
44 |
+ return ret; |
45 |
+ } |
46 |
+ |
47 |
++#ifndef OPENSSL_NO_RFC3779 |
48 |
+ static int test_asid(void) |
49 |
+ { |
50 |
+ ASN1_INTEGER *val1 = NULL, *val2 = NULL; |
51 |
+@@ -113,6 +114,7 @@ static int test_asid(void) |
52 |
+ ASIdentifiers_free(asid4); |
53 |
+ return testresult; |
54 |
+ } |
55 |
++#endif /* OPENSSL_NO_RFC3779 */ |
56 |
+ |
57 |
+ OPT_TEST_DECLARE_USAGE("cert.pem\n") |
58 |
+ |
59 |
+@@ -127,6 +129,8 @@ int setup_tests(void) |
60 |
+ return 0; |
61 |
+ |
62 |
+ ADD_TEST(test_pathlen); |
63 |
++#ifndef OPENSSL_NO_RFC3779 |
64 |
+ ADD_TEST(test_asid); |
65 |
++#endif /* OPENSSL_NO_RFC3779 */ |
66 |
+ return 1; |
67 |
+ } |
68 |
+ |
69 |
|
70 |
diff --git a/dev-libs/openssl/openssl-1.1.1p.ebuild b/dev-libs/openssl/openssl-1.1.1p.ebuild |
71 |
index 90f1683c106f..f4af78d2c330 100644 |
72 |
--- a/dev-libs/openssl/openssl-1.1.1p.ebuild |
73 |
+++ b/dev-libs/openssl/openssl-1.1.1p.ebuild |
74 |
@@ -1,7 +1,7 @@ |
75 |
# Copyright 1999-2022 Gentoo Authors |
76 |
# Distributed under the terms of the GNU General Public License v2 |
77 |
|
78 |
-EAPI=7 |
79 |
+EAPI=8 |
80 |
|
81 |
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/openssl.org.asc |
82 |
inherit edo flag-o-matic toolchain-funcs multilib-minimal verify-sig |
83 |
@@ -47,6 +47,7 @@ PATCHES=( |
84 |
# If they're Gentoo specific, add to USE=-vanilla logic in src_prepare! |
85 |
"${FILESDIR}"/${PN}-1.1.0j-parallel_install_fix.patch #671602 |
86 |
"${FILESDIR}"/${PN}-1.1.1i-riscv32.patch |
87 |
+ "${FILESDIR}"/${P}-fix-test-build.patch |
88 |
) |
89 |
|
90 |
pkg_setup() { |
91 |
|
92 |
diff --git a/profiles/package.mask b/profiles/package.mask |
93 |
index fa6249c522e1..e9663afb0ce2 100644 |
94 |
--- a/profiles/package.mask |
95 |
+++ b/profiles/package.mask |
96 |
@@ -46,11 +46,9 @@ gnome-extra/gtkhtml |
97 |
|
98 |
# Sam James <sam@g.o> (2022-06-29) |
99 |
# Pre-emptively mask broken upstream versions. |
100 |
-# 1. openssl 1.1.1o fails tests (https://github.com/openssl/openssl/issues/18619) |
101 |
-# 2. openssl 3.0.4 has a buffer overflow w/ AVX512 (https://github.com/openssl/openssl/issues/18625) |
102 |
+# openssl 3.0.4 has a buffer overflow w/ AVX512 (https://github.com/openssl/openssl/issues/18625) |
103 |
# Gentoo isn't vulnerable to the original CVE which caused these releases |
104 |
# (CVE-2022-2068) as we have our own rehash script. |
105 |
-=dev-libs/openssl-1.1.1p |
106 |
=dev-libs/openssl-3.0.4 |
107 |
|
108 |
# Piotr Karbowski <slashbeast@g.o> (2022-06-26) |