[gentoo-commits] repo/gentoo:master commit in: net-libs/c-client/, net-libs/c-client/files/ - gentoo-commits

From:	Lars Wendler <polynomial-c@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-libs/c-client/, net-libs/c-client/files/
Date:	Wed, 24 Oct 2018 15:07:53
Message-Id:	`1540393659.c2626757b304cbe1ba5da551b0db496989e95cc0.polynomial-c@gentoo`

1

commit:     c2626757b304cbe1ba5da551b0db496989e95cc0

2

Author:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>

3

AuthorDate: Wed Oct 24 15:07:24 2018 +0000

4

Commit:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>

5

CommitDate: Wed Oct 24 15:07:39 2018 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c2626757

7

8

net-libs/c-client: Fixed build with openssl-1.1

9

10

Closes: https://bugs.gentoo.org/647616

11

Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>

12

Package-Manager: Portage-2.3.51, Repoman-2.3.11

13

14

 net-libs/c-client/c-client-2007f-r6.ebuild         | 33 ++++++-----

15

 .../files/c-client-2007f-openssl-1.1.patch         | 66 ++++++++++++++++++++++

16

 2 files changed, 86 insertions(+), 13 deletions(-)

17

18

diff --git a/net-libs/c-client/c-client-2007f-r6.ebuild b/net-libs/c-client/c-client-2007f-r6.ebuild

19

index 6f539a98487..bd9925412df 100644

20

--- a/net-libs/c-client/c-client-2007f-r6.ebuild

21

+++ b/net-libs/c-client/c-client-2007f-r6.ebuild

22

@@ -1,4 +1,4 @@

23

-# Copyright 1999-2017 Gentoo Foundation

24

+# Copyright 1999-2018 Gentoo Authors

25

 # Distributed under the terms of the GNU General Public License v2

26

27

 EAPI=6

28

@@ -30,9 +30,28 @@ DEPEND="${RDEPEND}

29

 	kernel_linux? ( pam? ( >=sys-libs/pam-0.72 ) )

30

"

31

32

+PATCHES=(

33

+	# Apply a patch to only build the stuff we need for c-client

34

+	"${FILESDIR}/${PN}-2006k_GENTOO_Makefile.patch"

35

+

36

+	# Apply patch to add the compilation of a .so for PHP

37

+	# This was previously conditional, but is more widely useful.

38

+	"${FILESDIR}/${PN}-2006k_GENTOO_amd64-so-fix.patch"

39

+

40

+	# Respect LDFLAGS

41

+	"${FILESDIR}/${PN}-2007f-ldflags.patch"

42

+

43

+	# openssl-1.1 build fix #647616

44

+	"${FILESDIR}/${PN}-2007f-openssl-1.1.patch"

45

+)

46

+

47

 src_prepare() {

48

+	use topal && PATCHES+=( "${FILESDIR}/${P}-topal.patch" )

49

+

50

 	default

51

52

+	use chappa && eapply -p2 "${WORKDIR}/${P}-chappa-${CHAPPA_PL}-all.patch"

53

+

54

 	# Tarball packed with bad file perms

55

 	chmod -R u+rwX,go-w . || die "failed to fix permissions"

56

57

@@ -60,28 +79,16 @@ src_prepare() {

58

 		-i src/osdep/unix/Makefile \

59

 		|| die "failed to fix the FreeBSD ACTIVEFILE path in the Makefile"

60

61

-	# Apply a patch to only build the stuff we need for c-client

62

-	eapply "${FILESDIR}/${PN}-2006k_GENTOO_Makefile.patch"

63

-

64

-	# Apply patch to add the compilation of a .so for PHP

65

-	# This was previously conditional, but is more widely useful.

66

-	eapply "${FILESDIR}/${PN}-2006k_GENTOO_amd64-so-fix.patch"

67

-

68

 	# Remove the pesky checks about SSL stuff

69

 	sed -e '/read.*exit/d' -i Makefile \

70

 		|| die "failed to disable SSL warning in the Makefile"

71

72

-	# Respect LDFLAGS

73

-	eapply "${FILESDIR}/${PN}-2007f-ldflags.patch"

74

 	sed -e "s:CC=cc:CC=$(tc-getCC):" \

75

 		-e "s:ARRC=ar:ARRC=$(tc-getAR):" \

76

 		-e "s:RANLIB=ranlib:RANLIB=$(tc-getRANLIB):" \

77

 		-i src/osdep/unix/Makefile \

78

 		|| die "failed to fix build flags support in the Makefile"

79

80

-	use topal && eapply "${FILESDIR}/${P}-topal.patch"

81

-	use chappa && epatch "${DISTDIR}/${P}-chappa-${CHAPPA_PL}-all.patch.gz"

82

-

83

 	elibtoolize

84

}

85

86

87

diff --git a/net-libs/c-client/files/c-client-2007f-openssl-1.1.patch b/net-libs/c-client/files/c-client-2007f-openssl-1.1.patch

88

new file mode 100644

89

index 00000000000..918f0bd3fbd

90

--- /dev/null

91

+++ b/net-libs/c-client/files/c-client-2007f-openssl-1.1.patch

92

@@ -0,0 +1,66 @@

93

+diff -Nru a/src/osdep/unix/ssl_unix.c b/src/osdep/unix/ssl_unix.c

94

+--- a/src/osdep/unix/ssl_unix.c	2011-07-23 02:20:10.000000000 +0200

95

++++ b/src/osdep/unix/ssl_unix.c	2018-09-22 09:34:26.492765776 +0200

96

+@@ -59,7 +59,7 @@

97

+ static SSLSTREAM *ssl_start(TCPSTREAM *tstream,char *host,unsigned long flags);

98

+ static char *ssl_start_work (SSLSTREAM *stream,char *host,unsigned long flags);

99

+ static int ssl_open_verify (int ok,X509_STORE_CTX *ctx);

100

+-static char *ssl_validate_cert (X509 *cert,char *host);

101

++static char *ssl_validate_cert (X509 *cert,char *host, char *cert_subj);

102

+ static long ssl_compare_hostnames (unsigned char *s,unsigned char *pat);

103

+ static char *ssl_getline_work (SSLSTREAM *stream,unsigned long *size,

104

+ 			       long *contd);

105

+@@ -210,6 +210,7 @@

106

+   BIO *bio;

107

+   X509 *cert;

108

+   unsigned long sl,tl;

109

++  char cert_subj[250];

110

+   char *s,*t,*err,tmp[MAILTMPLEN];

111

+   sslcertificatequery_t scq =

112

+     (sslcertificatequery_t) mail_parameters (NIL,GET_SSLCERTIFICATEQUERY,NIL);

113

+@@ -266,13 +267,17 @@

114

+   if (SSL_write (stream->con,"",0) < 0)

115

+     return ssl_last_error ? ssl_last_error : "SSL negotiation failed";

116

+ 				/* need to validate host names? */

117

+-  if (!(flags & NET_NOVALIDATECERT) &&

118

+-      (err = ssl_validate_cert (cert = SSL_get_peer_certificate (stream->con),

119

+-				host))) {

120

+-				/* application callback */

121

+-    if (scq) return (*scq) (err,host,cert ? cert->name : "???") ? NIL : "";

122

+-				/* error message to return via mm_log() */

123

+-    sprintf (tmp,"*%.128s: %.255s",err,cert ? cert->name : "???");

124

++  if (!(flags & NET_NOVALIDATECERT)) {

125

++    cert_subj[0] = '\0';

126

++    cert = SSL_get_peer_certificate(stream->con);

127

++    if (cert)

128

++      X509_NAME_oneline(X509_get_subject_name(cert), cert_subj, sizeof(cert_subj));

129

++    err = ssl_validate_cert (cert, host, cert_subj);

130

++    if (err)

131

++      /* application callback */

132

++      if (scq) return (*scq) (err,host,cert ? cert_subj : "???") ? NIL : "";

133

++    /* error message to return via mm_log() */

134

++    sprintf (tmp,"*%.128s: %.255s",err,cert ? cert_subj : "???");

135

+     return ssl_last_error = cpystr (tmp);

136

+   }

137

+   return NIL;

138

+@@ -313,7 +318,7 @@

139

+  * Returns: NIL if validated, else string of error message

140

+  */

141

+

142

+-static char *ssl_validate_cert (X509 *cert,char *host)

143

++static char *ssl_validate_cert (X509 *cert,char *host, char *cert_subj)

144

+ {

145

+   int i,n;

146

+   char *s,*t,*ret;

147

+@@ -322,9 +327,9 @@

148

+ 				/* make sure have a certificate */

149

+   if (!cert) ret = "No certificate from server";

150

+ 				/* and that it has a name */

151

+-  else if (!cert->name) ret = "No name in certificate";

152

++  else if (cert_subj[0] == '\0') ret = "No name in certificate";

153

+ 				/* locate CN */

154

+-  else if (s = strstr (cert->name,"/CN=")) {

155

++  else if (s = strstr (cert_subj,"/CN=")) {

156

+     if (t = strchr (s += 4,'/')) *t = '\0';

157

+ 				/* host name matches pattern? */

158

+     ret = ssl_compare_hostnames (host,s) ? NIL :

1	commit: c2626757b304cbe1ba5da551b0db496989e95cc0
2	Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
3	AuthorDate: Wed Oct 24 15:07:24 2018 +0000
4	Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
5	CommitDate: Wed Oct 24 15:07:39 2018 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c2626757
7
8	net-libs/c-client: Fixed build with openssl-1.1
9
10	Closes: https://bugs.gentoo.org/647616
11	Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>
12	Package-Manager: Portage-2.3.51, Repoman-2.3.11
13
14	net-libs/c-client/c-client-2007f-r6.ebuild \| 33 ++++++-----
15	.../files/c-client-2007f-openssl-1.1.patch \| 66 ++++++++++++++++++++++
16	2 files changed, 86 insertions(+), 13 deletions(-)
17
18	diff --git a/net-libs/c-client/c-client-2007f-r6.ebuild b/net-libs/c-client/c-client-2007f-r6.ebuild
19	index 6f539a98487..bd9925412df 100644
20	--- a/net-libs/c-client/c-client-2007f-r6.ebuild
21	+++ b/net-libs/c-client/c-client-2007f-r6.ebuild
22	@@ -1,4 +1,4 @@
23	-# Copyright 1999-2017 Gentoo Foundation
24	+# Copyright 1999-2018 Gentoo Authors
25	# Distributed under the terms of the GNU General Public License v2
26
27	EAPI=6
28	@@ -30,9 +30,28 @@ DEPEND="${RDEPEND}
29	kernel_linux? ( pam? ( >=sys-libs/pam-0.72 ) )
30	"
31
32	+PATCHES=(
33	+ # Apply a patch to only build the stuff we need for c-client
34	+ "${FILESDIR}/${PN}-2006k_GENTOO_Makefile.patch"
35	+
36	+ # Apply patch to add the compilation of a .so for PHP
37	+ # This was previously conditional, but is more widely useful.
38	+ "${FILESDIR}/${PN}-2006k_GENTOO_amd64-so-fix.patch"
39	+
40	+ # Respect LDFLAGS
41	+ "${FILESDIR}/${PN}-2007f-ldflags.patch"
42	+
43	+ # openssl-1.1 build fix #647616
44	+ "${FILESDIR}/${PN}-2007f-openssl-1.1.patch"
45	+)
46	+
47	src_prepare() {
48	+ use topal && PATCHES+=( "${FILESDIR}/${P}-topal.patch" )
49	+
50	default
51
52	+ use chappa && eapply -p2 "${WORKDIR}/${P}-chappa-${CHAPPA_PL}-all.patch"
53	+
54	# Tarball packed with bad file perms
55	chmod -R u+rwX,go-w . \|\| die "failed to fix permissions"
56
57	@@ -60,28 +79,16 @@ src_prepare() {
58	-i src/osdep/unix/Makefile \
59	\|\| die "failed to fix the FreeBSD ACTIVEFILE path in the Makefile"
60
61	- # Apply a patch to only build the stuff we need for c-client
62	- eapply "${FILESDIR}/${PN}-2006k_GENTOO_Makefile.patch"
63	-
64	- # Apply patch to add the compilation of a .so for PHP
65	- # This was previously conditional, but is more widely useful.
66	- eapply "${FILESDIR}/${PN}-2006k_GENTOO_amd64-so-fix.patch"
67	-
68	# Remove the pesky checks about SSL stuff
69	sed -e '/read.*exit/d' -i Makefile \
70	\|\| die "failed to disable SSL warning in the Makefile"
71
72	- # Respect LDFLAGS
73	- eapply "${FILESDIR}/${PN}-2007f-ldflags.patch"
74	sed -e "s:CC=cc:CC=$(tc-getCC):" \
75	-e "s:ARRC=ar:ARRC=$(tc-getAR):" \
76	-e "s:RANLIB=ranlib:RANLIB=$(tc-getRANLIB):" \
77	-i src/osdep/unix/Makefile \
78	\|\| die "failed to fix build flags support in the Makefile"
79
80	- use topal && eapply "${FILESDIR}/${P}-topal.patch"
81	- use chappa && epatch "${DISTDIR}/${P}-chappa-${CHAPPA_PL}-all.patch.gz"
82	-
83	elibtoolize
84	}
85
86
87	diff --git a/net-libs/c-client/files/c-client-2007f-openssl-1.1.patch b/net-libs/c-client/files/c-client-2007f-openssl-1.1.patch
88	new file mode 100644
89	index 00000000000..918f0bd3fbd
90	--- /dev/null
91	+++ b/net-libs/c-client/files/c-client-2007f-openssl-1.1.patch
92	@@ -0,0 +1,66 @@
93	+diff -Nru a/src/osdep/unix/ssl_unix.c b/src/osdep/unix/ssl_unix.c
94	+--- a/src/osdep/unix/ssl_unix.c 2011-07-23 02:20:10.000000000 +0200
95	++++ b/src/osdep/unix/ssl_unix.c 2018-09-22 09:34:26.492765776 +0200
96	+@@ -59,7 +59,7 @@
97	+ static SSLSTREAM ssl_start(TCPSTREAM tstream,char *host,unsigned long flags);
98	+ static char ssl_start_work (SSLSTREAM stream,char *host,unsigned long flags);
99	+ static int ssl_open_verify (int ok,X509_STORE_CTX *ctx);
100	+-static char ssl_validate_cert (X509 cert,char *host);
101	++static char ssl_validate_cert (X509 cert,char host, char cert_subj);
102	+ static long ssl_compare_hostnames (unsigned char s,unsigned char pat);
103	+ static char ssl_getline_work (SSLSTREAM stream,unsigned long *size,
104	+ long *contd);
105	+@@ -210,6 +210,7 @@
106	+ BIO *bio;
107	+ X509 *cert;
108	+ unsigned long sl,tl;
109	++ char cert_subj[250];
110	+ char s,t,*err,tmp[MAILTMPLEN];
111	+ sslcertificatequery_t scq =
112	+ (sslcertificatequery_t) mail_parameters (NIL,GET_SSLCERTIFICATEQUERY,NIL);
113	+@@ -266,13 +267,17 @@
114	+ if (SSL_write (stream->con,"",0) < 0)
115	+ return ssl_last_error ? ssl_last_error : "SSL negotiation failed";
116	+ /* need to validate host names? */
117	+- if (!(flags & NET_NOVALIDATECERT) &&
118	+- (err = ssl_validate_cert (cert = SSL_get_peer_certificate (stream->con),
119	+- host))) {
120	+- /* application callback */
121	+- if (scq) return (*scq) (err,host,cert ? cert->name : "???") ? NIL : "";
122	+- /* error message to return via mm_log() */
123	+- sprintf (tmp,"*%.128s: %.255s",err,cert ? cert->name : "???");
124	++ if (!(flags & NET_NOVALIDATECERT)) {
125	++ cert_subj[0] = '\0';
126	++ cert = SSL_get_peer_certificate(stream->con);
127	++ if (cert)
128	++ X509_NAME_oneline(X509_get_subject_name(cert), cert_subj, sizeof(cert_subj));
129	++ err = ssl_validate_cert (cert, host, cert_subj);
130	++ if (err)
131	++ /* application callback */
132	++ if (scq) return (*scq) (err,host,cert ? cert_subj : "???") ? NIL : "";
133	++ /* error message to return via mm_log() */
134	++ sprintf (tmp,"*%.128s: %.255s",err,cert ? cert_subj : "???");
135	+ return ssl_last_error = cpystr (tmp);
136	+ }
137	+ return NIL;
138	+@@ -313,7 +318,7 @@
139	+ * Returns: NIL if validated, else string of error message
140	+ */
141	+
142	+-static char ssl_validate_cert (X509 cert,char *host)
143	++static char ssl_validate_cert (X509 cert,char host, char cert_subj)
144	+ {
145	+ int i,n;
146	+ char s,t,*ret;
147	+@@ -322,9 +327,9 @@
148	+ /* make sure have a certificate */
149	+ if (!cert) ret = "No certificate from server";
150	+ /* and that it has a name */
151	+- else if (!cert->name) ret = "No name in certificate";
152	++ else if (cert_subj[0] == '\0') ret = "No name in certificate";
153	+ /* locate CN */
154	+- else if (s = strstr (cert->name,"/CN=")) {
155	++ else if (s = strstr (cert_subj,"/CN=")) {
156	+ if (t = strchr (s += 4,'/')) *t = '\0';
157	+ /* host name matches pattern? */
158	+ ret = ssl_compare_hostnames (host,s) ? NIL :

Gentoo Archives: gentoo-commits