[gentoo-commits] repo/gentoo:master commit in: dev-libs/iksemel/, dev-libs/iksemel/files/ - gentoo-commits

From:	Patrice Clement <monsieurp@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: dev-libs/iksemel/, dev-libs/iksemel/files/
Date:	Thu, 02 Jun 2016 08:45:01
Message-Id:	`1464855419.6f6313a970a74e43d7d983f71da91ae1c20c6091.monsieurp@gentoo`

1

commit:     6f6313a970a74e43d7d983f71da91ae1c20c6091

2

Author:     Craig Andrews <candrews <AT> integralblue <DOT> com>

3

AuthorDate: Mon May 30 22:16:54 2016 +0000

4

Commit:     Patrice Clement <monsieurp <AT> gentoo <DOT> org>

5

CommitDate: Thu Jun  2 08:16:59 2016 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6f6313a9

7

8

dev-libs/iksemel: Fix building with >=net-libs/gnutls-3.4.0

9

10

Package-Manager: portage-2.3.0_rc1

11

Gentoo-Bug: https://bugs.gentoo.org/582752

12

Closes: https://github.com/gentoo/gentoo/pull/1561

13

14

Signed-off-by: Patrice Clement <monsieurp <AT> gentoo.org>

15

16

 .../iksemel/files/iksemel-1.4-gnutls-3.4.patch     | 38 ++++++++++++++++++++++

17

 dev-libs/iksemel/iksemel-1.4.ebuild                |  3 +-

18

 2 files changed, 40 insertions(+), 1 deletion(-)

19

20

diff --git a/dev-libs/iksemel/files/iksemel-1.4-gnutls-3.4.patch b/dev-libs/iksemel/files/iksemel-1.4-gnutls-3.4.patch

21

new file mode 100644

22

index 0000000..bf09e17

23

--- /dev/null

24

+++ b/dev-libs/iksemel/files/iksemel-1.4-gnutls-3.4.patch

25

@@ -0,0 +1,38 @@

26

+Last-Update: 2015-10-28

27

+Bug-Upstream: https://github.com/meduketto/iksemel/issues/48

28

+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803204

29

+From: Marc Dequènes (duck) <duck@××××××××.org>

30

+Description: fix security problem (and compatibility problem with servers rejecting low grade ciphers).

31

+

32

+--- a/src/stream.c

33

++++ b/src/stream.c

34

+@@ -62,13 +62,9 @@

35

+

36

+ static int

37

+ handshake (struct stream_data *data)

38

+ {

39

+-	const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };

40

+-	const int kx_priority[] = { GNUTLS_KX_RSA, 0 };

41

+-	const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0};

42

+-	const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };

43

+-	const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };

44

++	const char *priority_string = "SECURE256:+SECURE192:-VERS-TLS-ALL:+VERS-TLS1.2";

45

+ 	int ret;

46

+

47

+ 	if (gnutls_global_init () != 0)

48

+ 		return IKS_NOMEM;

49

+@@ -79,13 +75,9 @@

50

+ 	if (gnutls_init (&data->sess, GNUTLS_CLIENT) != 0) {

51

+ 		gnutls_certificate_free_credentials (data->cred);

52

+ 		return IKS_NOMEM;

53

+ 	}

54

+-	gnutls_protocol_set_priority (data->sess, protocol_priority);

55

+-	gnutls_cipher_set_priority(data->sess, cipher_priority);

56

+-	gnutls_compression_set_priority(data->sess, comp_priority);

57

+-	gnutls_kx_set_priority(data->sess, kx_priority);

58

+-	gnutls_mac_set_priority(data->sess, mac_priority);

59

++	gnutls_priority_set_direct(data->sess, priority_string, NULL);

60

+ 	gnutls_credentials_set (data->sess, GNUTLS_CRD_CERTIFICATE, data->cred);

61

+

62

+ 	gnutls_transport_set_push_function (data->sess, (gnutls_push_func) tls_push);

63

+ 	gnutls_transport_set_pull_function (data->sess, (gnutls_pull_func) tls_pull);

64

65

diff --git a/dev-libs/iksemel/iksemel-1.4.ebuild b/dev-libs/iksemel/iksemel-1.4.ebuild

66

index 068c794..9496f09 100644

67

--- a/dev-libs/iksemel/iksemel-1.4.ebuild

68

+++ b/dev-libs/iksemel/iksemel-1.4.ebuild

69

@@ -1,4 +1,4 @@

70

-# Copyright 1999-2012 Gentoo Foundation

71

+# Copyright 1999-2016 Gentoo Foundation

72

 # Distributed under the terms of the GNU General Public License v2

73

 # $Id$

74

75

@@ -21,6 +21,7 @@ DEPEND="${RDEPEND}

76

77

 src_prepare() {

78

 	epatch "${FILESDIR}/${PN}-1.3-gnutls-2.8.patch"

79

+	epatch "${FILESDIR}/${PN}-1.4-gnutls-3.4.patch"

80

 	eautoreconf

81

}

1	commit: 6f6313a970a74e43d7d983f71da91ae1c20c6091
2	Author: Craig Andrews <candrews <AT> integralblue <DOT> com>
3	AuthorDate: Mon May 30 22:16:54 2016 +0000
4	Commit: Patrice Clement <monsieurp <AT> gentoo <DOT> org>
5	CommitDate: Thu Jun 2 08:16:59 2016 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6f6313a9
7
8	dev-libs/iksemel: Fix building with >=net-libs/gnutls-3.4.0
9
10	Package-Manager: portage-2.3.0_rc1
11	Gentoo-Bug: https://bugs.gentoo.org/582752
12	Closes: https://github.com/gentoo/gentoo/pull/1561
13
14	Signed-off-by: Patrice Clement <monsieurp <AT> gentoo.org>
15
16	.../iksemel/files/iksemel-1.4-gnutls-3.4.patch \| 38 ++++++++++++++++++++++
17	dev-libs/iksemel/iksemel-1.4.ebuild \| 3 +-
18	2 files changed, 40 insertions(+), 1 deletion(-)
19
20	diff --git a/dev-libs/iksemel/files/iksemel-1.4-gnutls-3.4.patch b/dev-libs/iksemel/files/iksemel-1.4-gnutls-3.4.patch
21	new file mode 100644
22	index 0000000..bf09e17
23	--- /dev/null
24	+++ b/dev-libs/iksemel/files/iksemel-1.4-gnutls-3.4.patch
25	@@ -0,0 +1,38 @@
26	+Last-Update: 2015-10-28
27	+Bug-Upstream: https://github.com/meduketto/iksemel/issues/48
28	+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803204
29	+From: Marc Dequènes (duck) <duck@××××××××.org>
30	+Description: fix security problem (and compatibility problem with servers rejecting low grade ciphers).
31	+
32	+--- a/src/stream.c
33	++++ b/src/stream.c
34	+@@ -62,13 +62,9 @@
35	+
36	+ static int
37	+ handshake (struct stream_data *data)
38	+ {
39	+- const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
40	+- const int kx_priority[] = { GNUTLS_KX_RSA, 0 };
41	+- const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0};
42	+- const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
43	+- const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
44	++ const char *priority_string = "SECURE256:+SECURE192:-VERS-TLS-ALL:+VERS-TLS1.2";
45	+ int ret;
46	+
47	+ if (gnutls_global_init () != 0)
48	+ return IKS_NOMEM;
49	+@@ -79,13 +75,9 @@
50	+ if (gnutls_init (&data->sess, GNUTLS_CLIENT) != 0) {
51	+ gnutls_certificate_free_credentials (data->cred);
52	+ return IKS_NOMEM;
53	+ }
54	+- gnutls_protocol_set_priority (data->sess, protocol_priority);
55	+- gnutls_cipher_set_priority(data->sess, cipher_priority);
56	+- gnutls_compression_set_priority(data->sess, comp_priority);
57	+- gnutls_kx_set_priority(data->sess, kx_priority);
58	+- gnutls_mac_set_priority(data->sess, mac_priority);
59	++ gnutls_priority_set_direct(data->sess, priority_string, NULL);
60	+ gnutls_credentials_set (data->sess, GNUTLS_CRD_CERTIFICATE, data->cred);
61	+
62	+ gnutls_transport_set_push_function (data->sess, (gnutls_push_func) tls_push);
63	+ gnutls_transport_set_pull_function (data->sess, (gnutls_pull_func) tls_pull);
64
65	diff --git a/dev-libs/iksemel/iksemel-1.4.ebuild b/dev-libs/iksemel/iksemel-1.4.ebuild
66	index 068c794..9496f09 100644
67	--- a/dev-libs/iksemel/iksemel-1.4.ebuild
68	+++ b/dev-libs/iksemel/iksemel-1.4.ebuild
69	@@ -1,4 +1,4 @@
70	-# Copyright 1999-2012 Gentoo Foundation
71	+# Copyright 1999-2016 Gentoo Foundation
72	# Distributed under the terms of the GNU General Public License v2
73	# $Id$
74
75	@@ -21,6 +21,7 @@ DEPEND="${RDEPEND}
76
77	src_prepare() {
78	epatch "${FILESDIR}/${PN}-1.3-gnutls-2.8.patch"
79	+ epatch "${FILESDIR}/${PN}-1.4-gnutls-3.4.patch"
80	eautoreconf
81	}

Gentoo Archives: gentoo-commits