| 1 |
commit: 860e9b1a04e420c144a6c9b41c1b0292027ef4ea |
| 2 |
Author: Bjarke Istrup Pedersen <gurligebis <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Sun Oct 9 09:08:52 2016 +0000 |
| 4 |
Commit: Bjarke Istrup Pedersen <gurligebis <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sun Oct 9 09:09:15 2016 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=860e9b1a |
| 7 |
|
| 8 |
net-wireless/wpa_supplicant: Adding libressl fix, to fix bug #596332 |
| 9 |
|
| 10 |
Package-Manager: portage-2.3.1 |
| 11 |
|
| 12 |
.../files/wpa_supplicant-2.6-libressl.patch | 81 ++++++++++++++++++++++ |
| 13 |
.../wpa_supplicant/wpa_supplicant-2.6.ebuild | 3 + |
| 14 |
2 files changed, 84 insertions(+) |
| 15 |
|
| 16 |
diff --git a/net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-libressl.patch b/net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-libressl.patch |
| 17 |
new file mode 100644 |
| 18 |
index 00000000..0394ab5 |
| 19 |
--- /dev/null |
| 20 |
+++ b/net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-libressl.patch |
| 21 |
@@ -0,0 +1,81 @@ |
| 22 |
+From d53b107120af86a0c711bac950bfc2fa728cb4e6 Mon Sep 17 00:00:00 2001 |
| 23 |
+From: Julian Ospald <hasufell@××××××××.de> |
| 24 |
+Date: Fri, 7 Oct 2016 17:45:46 +0200 |
| 25 |
+Subject: [PATCH] Fix LibreSSL compatibility |
| 26 |
+Upstream: pending, http://lists.infradead.org/pipermail/hostap/2016-October/036458.html |
| 27 |
+ |
| 28 |
+This basically just follows |
| 29 |
+587b0457e0238b7b1800d46f5cdd5e1d2b06732f |
| 30 |
+with the same pattern, which was missed here. |
| 31 |
+ |
| 32 |
+Signed-off-by: Julian Ospald <hasufell@××××××××.de> |
| 33 |
+--- |
| 34 |
+ src/crypto/crypto_openssl.c | 4 ++-- |
| 35 |
+ src/crypto/tls_openssl.c | 8 ++++---- |
| 36 |
+ 2 files changed, 6 insertions(+), 6 deletions(-) |
| 37 |
+ |
| 38 |
+diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c |
| 39 |
+index 19e0e2b..b3d1b07 100644 |
| 40 |
+--- a/src/crypto/crypto_openssl.c |
| 41 |
++++ b/src/crypto/crypto_openssl.c |
| 42 |
+@@ -611,7 +611,7 @@ void crypto_cipher_deinit(struct crypto_cipher *ctx) |
| 43 |
+ |
| 44 |
+ void * dh5_init(struct wpabuf **priv, struct wpabuf **publ) |
| 45 |
+ { |
| 46 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 47 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
| 48 |
+ DH *dh; |
| 49 |
+ struct wpabuf *pubkey = NULL, *privkey = NULL; |
| 50 |
+ size_t publen, privlen; |
| 51 |
+@@ -712,7 +712,7 @@ err: |
| 52 |
+ |
| 53 |
+ void * dh5_init_fixed(const struct wpabuf *priv, const struct wpabuf *publ) |
| 54 |
+ { |
| 55 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 56 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
| 57 |
+ DH *dh; |
| 58 |
+ |
| 59 |
+ dh = DH_new(); |
| 60 |
+diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c |
| 61 |
+index 23ac64b..a7d4880 100644 |
| 62 |
+--- a/src/crypto/tls_openssl.c |
| 63 |
++++ b/src/crypto/tls_openssl.c |
| 64 |
+@@ -919,7 +919,7 @@ void * tls_init(const struct tls_config *conf) |
| 65 |
+ } |
| 66 |
+ #endif /* OPENSSL_FIPS */ |
| 67 |
+ #endif /* CONFIG_FIPS */ |
| 68 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 69 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
| 70 |
+ SSL_load_error_strings(); |
| 71 |
+ SSL_library_init(); |
| 72 |
+ #ifndef OPENSSL_NO_SHA256 |
| 73 |
+@@ -1043,7 +1043,7 @@ void tls_deinit(void *ssl_ctx) |
| 74 |
+ |
| 75 |
+ tls_openssl_ref_count--; |
| 76 |
+ if (tls_openssl_ref_count == 0) { |
| 77 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 78 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
| 79 |
+ #ifndef OPENSSL_NO_ENGINE |
| 80 |
+ ENGINE_cleanup(); |
| 81 |
+ #endif /* OPENSSL_NO_ENGINE */ |
| 82 |
+@@ -2334,7 +2334,7 @@ static int tls_connection_client_cert(struct tls_connection *conn, |
| 83 |
+ return 0; |
| 84 |
+ |
| 85 |
+ #ifdef PKCS12_FUNCS |
| 86 |
+-#if OPENSSL_VERSION_NUMBER < 0x10002000L |
| 87 |
++#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) |
| 88 |
+ /* |
| 89 |
+ * Clear previously set extra chain certificates, if any, from PKCS#12 |
| 90 |
+ * processing in tls_parse_pkcs12() to allow OpenSSL to build a new |
| 91 |
+@@ -3976,7 +3976,7 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, |
| 92 |
+ engine_id = "pkcs11"; |
| 93 |
+ |
| 94 |
+ #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) |
| 95 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 96 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
| 97 |
+ if (params->flags & TLS_CONN_EAP_FAST) { |
| 98 |
+ wpa_printf(MSG_DEBUG, |
| 99 |
+ "OpenSSL: Use TLSv1_method() for EAP-FAST"); |
| 100 |
+-- |
| 101 |
+2.10.1 |
| 102 |
+ |
| 103 |
|
| 104 |
diff --git a/net-wireless/wpa_supplicant/wpa_supplicant-2.6.ebuild b/net-wireless/wpa_supplicant/wpa_supplicant-2.6.ebuild |
| 105 |
index ebb32c5..c07b5fc 100644 |
| 106 |
--- a/net-wireless/wpa_supplicant/wpa_supplicant-2.6.ebuild |
| 107 |
+++ b/net-wireless/wpa_supplicant/wpa_supplicant-2.6.ebuild |
| 108 |
@@ -127,6 +127,9 @@ src_prepare() { |
| 109 |
# SO WOULD BE NICE TO JUST DROP IT, IF IT IS NOT NEEDED. |
| 110 |
# bug (374089) |
| 111 |
#epatch "${FILESDIR}/${P}-dbus-WPAIE-fix.patch" |
| 112 |
+ |
| 113 |
+ # bug (596332) |
| 114 |
+ epatch "${FILESDIR}/${P}-libressl.patch" |
| 115 |
} |
| 116 |
|
| 117 |
src_configure() { |
Archives