[gentoo-commits] repo/gentoo:master commit in: net-misc/stunnel/, net-misc/stunnel/files/ - gentoo-commits

From:	Aaron Bauman <bman@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-misc/stunnel/, net-misc/stunnel/files/
Date:	Tue, 26 Feb 2019 22:28:40
Message-Id:	`1551220100.992eb4bfc2d96201fbc5587b5f29c9d81b278eb5.bman@gentoo`

1

commit:     992eb4bfc2d96201fbc5587b5f29c9d81b278eb5

2

Author:     Stefan Strogin <stefan.strogin <AT> gmail <DOT> com>

3

AuthorDate: Tue Feb 26 20:12:10 2019 +0000

4

Commit:     Aaron Bauman <bman <AT> gentoo <DOT> org>

5

CommitDate: Tue Feb 26 22:28:20 2019 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=992eb4bf

7

8

net-misc/stunnel: update patch for LibreSSL support

9

10

Probably won't work with <dev-libs/libressl-2.7.0 (if it ever worked).

11

12

Closes: https://bugs.gentoo.org/656420

13

Package-Manager: Portage-2.3.62, Repoman-2.3.12

14

Signed-off-by: Stefan Strogin <stefan.strogin <AT> gmail.com>

15

Closes: https://github.com/gentoo/gentoo/pull/11164

16

Signed-off-by: Aaron Bauman <bman <AT> gentoo.org>

17

18

 net-misc/stunnel/files/stunnel-5.50-libressl.patch | 228 +++++++++++++++++++++

19

 ...{stunnel-5.50.ebuild => stunnel-5.50-r1.ebuild} |   6 +-

20

 2 files changed, 231 insertions(+), 3 deletions(-)

21

22

diff --git a/net-misc/stunnel/files/stunnel-5.50-libressl.patch b/net-misc/stunnel/files/stunnel-5.50-libressl.patch

23

new file mode 100644

24

index 00000000000..4481220c268

25

--- /dev/null

26

+++ b/net-misc/stunnel/files/stunnel-5.50-libressl.patch

27

@@ -0,0 +1,228 @@

28

+diff --git a/src/ctx.c b/src/ctx.c

29

+index cd59f4e..b41be1b 100644

30

+--- a/src/ctx.c

31

++++ b/src/ctx.c

32

+@@ -118,7 +118,7 @@ NOEXPORT void sslerror_log(unsigned long, char *);

33

+

34

+ /**************************************** initialize section->ctx */

35

+

36

+-#if OPENSSL_VERSION_NUMBER>=0x10100000L

37

++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

38

+ typedef long unsigned SSL_OPTIONS_TYPE;

39

+ #else

40

+ typedef long SSL_OPTIONS_TYPE;

41

+@@ -126,7 +126,7 @@ typedef long SSL_OPTIONS_TYPE;

42

+

43

+ int context_init(SERVICE_OPTIONS *section) { /* init TLS context */

44

+     /* create TLS context */

45

+-#if OPENSSL_VERSION_NUMBER>=0x10100000L

46

++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

47

+     if(section->option.client)

48

+         section->ctx=SSL_CTX_new(TLS_client_method());

49

+     else /* server mode */

50

+@@ -437,7 +437,7 @@ NOEXPORT int ecdh_init(SERVICE_OPTIONS *section) {

51

+ /**************************************** initialize OpenSSL CONF */

52

+

53

+ NOEXPORT int conf_init(SERVICE_OPTIONS *section) {

54

+-#if OPENSSL_VERSION_NUMBER>=0x10002000L

55

++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)

56

+     SSL_CONF_CTX *cctx;

57

+     NAME_LIST *curr;

58

+     char *cmd, *param;

59

+@@ -1247,7 +1247,7 @@ NOEXPORT void info_callback(const SSL *ssl, int where, int ret) {

60

+

61

+     c=SSL_get_ex_data((SSL *)ssl, index_ssl_cli);

62

+     if(c) {

63

+-#if OPENSSL_VERSION_NUMBER>=0x10100000L

64

++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

65

+         OSSL_HANDSHAKE_STATE state=SSL_get_state(ssl);

66

+ #else

67

+         int state=SSL_get_state((SSL *)ssl);

68

+diff --git a/src/options.c b/src/options.c

69

+index 103ea6c..756e48c 100644

70

+--- a/src/options.c

71

++++ b/src/options.c

72

+@@ -75,7 +75,7 @@ NOEXPORT char *sni_init(SERVICE_OPTIONS *);

73

+ NOEXPORT void sni_free(SERVICE_OPTIONS *);

74

+ #endif /* !defined(OPENSSL_NO_TLSEXT) */

75

+

76

+-#if OPENSSL_VERSION_NUMBER>=0x10100000L

77

++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

78

+ NOEXPORT int str_to_proto_version(const char *);

79

+ #else /* OPENSSL_VERSION_NUMBER<0x10100000L */

80

+ NOEXPORT char *tls_methods_set(SERVICE_OPTIONS *, const char *);

81

+@@ -3048,7 +3048,7 @@ NOEXPORT char *parse_service_option(CMD cmd, SERVICE_OPTIONS **section_ptr,

82

+         break;

83

+     }

84

+

85

+-#if OPENSSL_VERSION_NUMBER>=0x10100000L

86

++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

87

+

88

+     /* sslVersion */

89

+     switch(cmd) {

90

+@@ -3621,7 +3621,7 @@ NOEXPORT void sni_free(SERVICE_OPTIONS *section) {

91

+

92

+ /**************************************** modern TLS version handling */

93

+

94

+-#if OPENSSL_VERSION_NUMBER>=0x10100000L

95

++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

96

+

97

+ NOEXPORT int str_to_proto_version(const char *name) {

98

+     if(!strcasecmp(name, "all"))

99

+diff --git a/src/prototypes.h b/src/prototypes.h

100

+index aaf50fc..01343bf 100644

101

+--- a/src/prototypes.h

102

++++ b/src/prototypes.h

103

+@@ -223,7 +223,7 @@ typedef struct service_options_struct {

104

+ #if OPENSSL_VERSION_NUMBER>=0x009080dfL

105

+     long unsigned ssl_options_clear;

106

+ #endif /* OpenSSL 0.9.8m or later */

107

+-#if OPENSSL_VERSION_NUMBER>=0x10100000L

108

++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

109

+     int min_proto_version, max_proto_version;

110

+ #else /* OPENSSL_VERSION_NUMBER<0x10100000L */

111

+     SSL_METHOD *client_method, *server_method;

112

+@@ -663,7 +663,7 @@ int getnameinfo(const struct sockaddr *, socklen_t,

113

+ #define USE_OS_THREADS

114

+ #endif

115

+

116

+-#if OPENSSL_VERSION_NUMBER<0x10100004L

117

++#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)

118

+

119

+ #ifdef USE_OS_THREADS

120

+

121

+@@ -711,7 +711,7 @@ typedef enum {

122

+

123

+ extern CRYPTO_RWLOCK *stunnel_locks[STUNNEL_LOCKS];

124

+

125

+-#if OPENSSL_VERSION_NUMBER<0x10100004L

126

++#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)

127

+ /* Emulate the OpenSSL 1.1 locking API for older OpenSSL versions */

128

+ CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void);

129

+ int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *);

130

+diff --git a/src/ssl.c b/src/ssl.c

131

+index ad06cb5..0b45769 100644

132

+--- a/src/ssl.c

133

++++ b/src/ssl.c

134

+@@ -39,7 +39,7 @@

135

+ #include "prototypes.h"

136

+

137

+     /* global OpenSSL initialization: compression, engine, entropy */

138

+-#if OPENSSL_VERSION_NUMBER>=0x10100000L

139

++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

140

+ NOEXPORT int cb_dup_addr(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,

141

+     void *from_d, int idx, long argl, void *argp);

142

+ #else

143

+@@ -114,7 +114,7 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {

144

+ #endif

145

+ #endif

146

+

147

+-#if OPENSSL_VERSION_NUMBER>=0x10100000L

148

++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

149

+ NOEXPORT int cb_dup_addr(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,

150

+         void *from_d, int idx, long argl, void *argp) {

151

+ #else

152

+@@ -177,7 +177,7 @@ int ssl_configure(GLOBAL_OPTIONS *global) { /* configure global TLS settings */

153

+

154

+ #ifndef OPENSSL_NO_COMP

155

+

156

+-#if OPENSSL_VERSION_NUMBER<0x10100000L

157

++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

158

+

159

+ NOEXPORT int COMP_get_type(const COMP_METHOD *meth) {

160

+     return meth->type;

161

+diff --git a/src/sthreads.c b/src/sthreads.c

162

+index 412a31a..e12a330 100644

163

+--- a/src/sthreads.c

164

++++ b/src/sthreads.c

165

+@@ -97,14 +97,16 @@ unsigned long stunnel_thread_id(void) {

166

+

167

+ #endif /* USE_WIN32 */

168

+

169

+-#if OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100004L

170

++#if (OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100004L) || \

171

++    defined(LIBRESSL_VERSION_NUMBER)

172

+ NOEXPORT void threadid_func(CRYPTO_THREADID *tid) {

173

+     CRYPTO_THREADID_set_numeric(tid, stunnel_thread_id());

174

+ }

175

+ #endif

176

+

177

+ void thread_id_init(void) {

178

+-#if OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100000L

179

++#if (OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100000L) || \

180

++    defined(LIBRESSL_VERSION_NUMBER)

181

+     CRYPTO_THREADID_set_callback(threadid_func);

182

+ #endif

183

+ #if OPENSSL_VERSION_NUMBER<0x10000000L || !defined(OPENSSL_NO_DEPRECATED)

184

+@@ -115,7 +117,7 @@ void thread_id_init(void) {

185

+ /**************************************** locking */

186

+

187

+ /* we only need to initialize locking with OpenSSL older than 1.1.0 */

188

+-#if OPENSSL_VERSION_NUMBER<0x10100004L

189

++#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)

190

+

191

+ #ifdef USE_PTHREAD

192

+

193

+@@ -224,7 +226,7 @@ NOEXPORT int s_atomic_add(int *val, int amount, CRYPTO_RWLOCK *lock) {

194

+

195

+ CRYPTO_RWLOCK *stunnel_locks[STUNNEL_LOCKS];

196

+

197

+-#if OPENSSL_VERSION_NUMBER<0x10100004L

198

++#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)

199

+

200

+ #ifdef USE_OS_THREADS

201

+

202

+@@ -334,7 +336,8 @@ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock) {

203

+

204

+ void locking_init(void) {

205

+     size_t i;

206

+-#if defined(USE_OS_THREADS) && OPENSSL_VERSION_NUMBER<0x10100004L

207

++#if defined(USE_OS_THREADS) && \

208

++    (OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER))

209

+     size_t num;

210

+

211

+     /* initialize the OpenSSL static locking */

212

+diff --git a/src/tls.c b/src/tls.c

213

+index 9616df3..b89c61e 100644

214

+--- a/src/tls.c

215

++++ b/src/tls.c

216

+@@ -41,7 +41,7 @@

217

+ volatile int tls_initialized=0;

218

+

219

+ NOEXPORT void tls_platform_init();

220

+-#if OPENSSL_VERSION_NUMBER<0x10100000L

221

++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

222

+ NOEXPORT void free_function(void *);

223

+ #endif

224

+

225

+@@ -52,7 +52,7 @@ void tls_init() {

226

+     tls_platform_init();

227

+     tls_initialized=1;

228

+     ui_tls=tls_alloc(NULL, NULL, "ui");

229

+-#if OPENSSL_VERSION_NUMBER>=0x10100000L

230

++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

231

+     CRYPTO_set_mem_functions(str_alloc_detached_debug,

232

+         str_realloc_detached_debug, str_free_debug);

233

+ #else

234

+@@ -184,7 +184,7 @@ TLS_DATA *tls_get() {

235

+

236

+ /**************************************** OpenSSL allocator hook */

237

+

238

+-#if OPENSSL_VERSION_NUMBER<0x10100000L

239

++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

240

+ NOEXPORT void free_function(void *ptr) {

241

+     /* CRYPTO_set_mem_ex_functions() needs a function rather than a macro */

242

+     /* unfortunately, OpenSSL provides no file:line information here */

243

+diff --git a/src/verify.c b/src/verify.c

244

+index b4b5115..0457ce0 100644

245

+--- a/src/verify.c

246

++++ b/src/verify.c

247

+@@ -346,7 +346,7 @@ NOEXPORT int cert_check_local(X509_STORE_CTX *callback_ctx) {

248

+     cert=X509_STORE_CTX_get_current_cert(callback_ctx);

249

+     subject=X509_get_subject_name(cert);

250

+

251

+-#if OPENSSL_VERSION_NUMBER<0x10100006L

252

++#if OPENSSL_VERSION_NUMBER<0x10100006L || defined(LIBRESSL_VERSION_NUMBER)

253

+ #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs

254

+ #endif

255

+     /* modern API allows retrieving multiple matching certificates */

256

257

diff --git a/net-misc/stunnel/stunnel-5.50.ebuild b/net-misc/stunnel/stunnel-5.50-r1.ebuild

258

similarity index 96%

259

rename from net-misc/stunnel/stunnel-5.50.ebuild

260

rename to net-misc/stunnel/stunnel-5.50-r1.ebuild

261

index 428e58d9d2b..c2c51a0ff50 100644

262

--- a/net-misc/stunnel/stunnel-5.50.ebuild

263

+++ b/net-misc/stunnel/stunnel-5.50-r1.ebuild

264

@@ -1,4 +1,4 @@

265

-# Copyright 1999-2018 Gentoo Authors

266

+# Copyright 1999-2019 Gentoo Authors

267

 # Distributed under the terms of the GNU General Public License v2

268

269

 EAPI="6"

270

@@ -39,8 +39,8 @@ src_prepare() {

271

 	sed -i -e "s/^install-data-local:/do-not-run-this:/" \

272

 		tools/Makefile.in || die "sed failed"

273

274

-	# libressl compat

275

-	eapply "${FILESDIR}"/${PN}-5.48-compat-libressl.patch

276

+	# bug 656420

277

+	eapply "${FILESDIR}"/${P}-libressl.patch

278

279

 	echo "CONFIG_PROTECT=\"/etc/stunnel/stunnel.conf\"" > "${T}"/20stunnel

1	commit: 992eb4bfc2d96201fbc5587b5f29c9d81b278eb5
2	Author: Stefan Strogin <stefan.strogin <AT> gmail <DOT> com>
3	AuthorDate: Tue Feb 26 20:12:10 2019 +0000
4	Commit: Aaron Bauman <bman <AT> gentoo <DOT> org>
5	CommitDate: Tue Feb 26 22:28:20 2019 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=992eb4bf
7
8	net-misc/stunnel: update patch for LibreSSL support
9
10	Probably won't work with <dev-libs/libressl-2.7.0 (if it ever worked).
11
12	Closes: https://bugs.gentoo.org/656420
13	Package-Manager: Portage-2.3.62, Repoman-2.3.12
14	Signed-off-by: Stefan Strogin <stefan.strogin <AT> gmail.com>
15	Closes: https://github.com/gentoo/gentoo/pull/11164
16	Signed-off-by: Aaron Bauman <bman <AT> gentoo.org>
17
18	net-misc/stunnel/files/stunnel-5.50-libressl.patch \| 228 +++++++++++++++++++++
19	...{stunnel-5.50.ebuild => stunnel-5.50-r1.ebuild} \| 6 +-
20	2 files changed, 231 insertions(+), 3 deletions(-)
21
22	diff --git a/net-misc/stunnel/files/stunnel-5.50-libressl.patch b/net-misc/stunnel/files/stunnel-5.50-libressl.patch
23	new file mode 100644
24	index 00000000000..4481220c268
25	--- /dev/null
26	+++ b/net-misc/stunnel/files/stunnel-5.50-libressl.patch
27	@@ -0,0 +1,228 @@
28	+diff --git a/src/ctx.c b/src/ctx.c
29	+index cd59f4e..b41be1b 100644
30	+--- a/src/ctx.c
31	++++ b/src/ctx.c
32	+@@ -118,7 +118,7 @@ NOEXPORT void sslerror_log(unsigned long, char *);
33	+
34	+ /**************************************** initialize section->ctx */
35	+
36	+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
37	++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
38	+ typedef long unsigned SSL_OPTIONS_TYPE;
39	+ #else
40	+ typedef long SSL_OPTIONS_TYPE;
41	+@@ -126,7 +126,7 @@ typedef long SSL_OPTIONS_TYPE;
42	+
43	+ int context_init(SERVICE_OPTIONS section) { / init TLS context */
44	+ /* create TLS context */
45	+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
46	++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
47	+ if(section->option.client)
48	+ section->ctx=SSL_CTX_new(TLS_client_method());
49	+ else /* server mode */
50	+@@ -437,7 +437,7 @@ NOEXPORT int ecdh_init(SERVICE_OPTIONS *section) {
51	+ /**************************************** initialize OpenSSL CONF */
52	+
53	+ NOEXPORT int conf_init(SERVICE_OPTIONS *section) {
54	+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
55	++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
56	+ SSL_CONF_CTX *cctx;
57	+ NAME_LIST *curr;
58	+ char cmd, param;
59	+@@ -1247,7 +1247,7 @@ NOEXPORT void info_callback(const SSL *ssl, int where, int ret) {
60	+
61	+ c=SSL_get_ex_data((SSL *)ssl, index_ssl_cli);
62	+ if(c) {
63	+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
64	++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
65	+ OSSL_HANDSHAKE_STATE state=SSL_get_state(ssl);
66	+ #else
67	+ int state=SSL_get_state((SSL *)ssl);
68	+diff --git a/src/options.c b/src/options.c
69	+index 103ea6c..756e48c 100644
70	+--- a/src/options.c
71	++++ b/src/options.c
72	+@@ -75,7 +75,7 @@ NOEXPORT char sni_init(SERVICE_OPTIONS );
73	+ NOEXPORT void sni_free(SERVICE_OPTIONS *);
74	+ #endif /* !defined(OPENSSL_NO_TLSEXT) */
75	+
76	+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
77	++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
78	+ NOEXPORT int str_to_proto_version(const char *);
79	+ #else /* OPENSSL_VERSION_NUMBER<0x10100000L */
80	+ NOEXPORT char tls_methods_set(SERVICE_OPTIONS , const char *);
81	+@@ -3048,7 +3048,7 @@ NOEXPORT char parse_service_option(CMD cmd, SERVICE_OPTIONS *section_ptr,
82	+ break;
83	+ }
84	+
85	+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
86	++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
87	+
88	+ /* sslVersion */
89	+ switch(cmd) {
90	+@@ -3621,7 +3621,7 @@ NOEXPORT void sni_free(SERVICE_OPTIONS *section) {
91	+
92	+ /**************************************** modern TLS version handling */
93	+
94	+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
95	++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
96	+
97	+ NOEXPORT int str_to_proto_version(const char *name) {
98	+ if(!strcasecmp(name, "all"))
99	+diff --git a/src/prototypes.h b/src/prototypes.h
100	+index aaf50fc..01343bf 100644
101	+--- a/src/prototypes.h
102	++++ b/src/prototypes.h
103	+@@ -223,7 +223,7 @@ typedef struct service_options_struct {
104	+ #if OPENSSL_VERSION_NUMBER>=0x009080dfL
105	+ long unsigned ssl_options_clear;
106	+ #endif /* OpenSSL 0.9.8m or later */
107	+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
108	++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
109	+ int min_proto_version, max_proto_version;
110	+ #else /* OPENSSL_VERSION_NUMBER<0x10100000L */
111	+ SSL_METHOD client_method, server_method;
112	+@@ -663,7 +663,7 @@ int getnameinfo(const struct sockaddr *, socklen_t,
113	+ #define USE_OS_THREADS
114	+ #endif
115	+
116	+-#if OPENSSL_VERSION_NUMBER<0x10100004L
117	++#if OPENSSL_VERSION_NUMBER<0x10100004L \|\| defined(LIBRESSL_VERSION_NUMBER)
118	+
119	+ #ifdef USE_OS_THREADS
120	+
121	+@@ -711,7 +711,7 @@ typedef enum {
122	+
123	+ extern CRYPTO_RWLOCK *stunnel_locks[STUNNEL_LOCKS];
124	+
125	+-#if OPENSSL_VERSION_NUMBER<0x10100004L
126	++#if OPENSSL_VERSION_NUMBER<0x10100004L \|\| defined(LIBRESSL_VERSION_NUMBER)
127	+ /* Emulate the OpenSSL 1.1 locking API for older OpenSSL versions */
128	+ CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void);
129	+ int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *);
130	+diff --git a/src/ssl.c b/src/ssl.c
131	+index ad06cb5..0b45769 100644
132	+--- a/src/ssl.c
133	++++ b/src/ssl.c
134	+@@ -39,7 +39,7 @@
135	+ #include "prototypes.h"
136	+
137	+ /* global OpenSSL initialization: compression, engine, entropy */
138	+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
139	++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
140	+ NOEXPORT int cb_dup_addr(CRYPTO_EX_DATA to, const CRYPTO_EX_DATA from,
141	+ void from_d, int idx, long argl, void argp);
142	+ #else
143	+@@ -114,7 +114,7 @@ int DH_set0_pqg(DH dh, BIGNUM p, BIGNUM q, BIGNUM g) {
144	+ #endif
145	+ #endif
146	+
147	+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
148	++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
149	+ NOEXPORT int cb_dup_addr(CRYPTO_EX_DATA to, const CRYPTO_EX_DATA from,
150	+ void from_d, int idx, long argl, void argp) {
151	+ #else
152	+@@ -177,7 +177,7 @@ int ssl_configure(GLOBAL_OPTIONS global) { / configure global TLS settings */
153	+
154	+ #ifndef OPENSSL_NO_COMP
155	+
156	+-#if OPENSSL_VERSION_NUMBER<0x10100000L
157	++#if OPENSSL_VERSION_NUMBER<0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
158	+
159	+ NOEXPORT int COMP_get_type(const COMP_METHOD *meth) {
160	+ return meth->type;
161	+diff --git a/src/sthreads.c b/src/sthreads.c
162	+index 412a31a..e12a330 100644
163	+--- a/src/sthreads.c
164	++++ b/src/sthreads.c
165	+@@ -97,14 +97,16 @@ unsigned long stunnel_thread_id(void) {
166	+
167	+ #endif /* USE_WIN32 */
168	+
169	+-#if OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100004L
170	++#if (OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100004L) \|\| \
171	++ defined(LIBRESSL_VERSION_NUMBER)
172	+ NOEXPORT void threadid_func(CRYPTO_THREADID *tid) {
173	+ CRYPTO_THREADID_set_numeric(tid, stunnel_thread_id());
174	+ }
175	+ #endif
176	+
177	+ void thread_id_init(void) {
178	+-#if OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100000L
179	++#if (OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100000L) \|\| \
180	++ defined(LIBRESSL_VERSION_NUMBER)
181	+ CRYPTO_THREADID_set_callback(threadid_func);
182	+ #endif
183	+ #if OPENSSL_VERSION_NUMBER<0x10000000L \|\| !defined(OPENSSL_NO_DEPRECATED)
184	+@@ -115,7 +117,7 @@ void thread_id_init(void) {
185	+ /**************************************** locking */
186	+
187	+ /* we only need to initialize locking with OpenSSL older than 1.1.0 */
188	+-#if OPENSSL_VERSION_NUMBER<0x10100004L
189	++#if OPENSSL_VERSION_NUMBER<0x10100004L \|\| defined(LIBRESSL_VERSION_NUMBER)
190	+
191	+ #ifdef USE_PTHREAD
192	+
193	+@@ -224,7 +226,7 @@ NOEXPORT int s_atomic_add(int val, int amount, CRYPTO_RWLOCK lock) {
194	+
195	+ CRYPTO_RWLOCK *stunnel_locks[STUNNEL_LOCKS];
196	+
197	+-#if OPENSSL_VERSION_NUMBER<0x10100004L
198	++#if OPENSSL_VERSION_NUMBER<0x10100004L \|\| defined(LIBRESSL_VERSION_NUMBER)
199	+
200	+ #ifdef USE_OS_THREADS
201	+
202	+@@ -334,7 +336,8 @@ int CRYPTO_atomic_add(int val, int amount, int ret, CRYPTO_RWLOCK *lock) {
203	+
204	+ void locking_init(void) {
205	+ size_t i;
206	+-#if defined(USE_OS_THREADS) && OPENSSL_VERSION_NUMBER<0x10100004L
207	++#if defined(USE_OS_THREADS) && \
208	++ (OPENSSL_VERSION_NUMBER<0x10100004L \|\| defined(LIBRESSL_VERSION_NUMBER))
209	+ size_t num;
210	+
211	+ /* initialize the OpenSSL static locking */
212	+diff --git a/src/tls.c b/src/tls.c
213	+index 9616df3..b89c61e 100644
214	+--- a/src/tls.c
215	++++ b/src/tls.c
216	+@@ -41,7 +41,7 @@
217	+ volatile int tls_initialized=0;
218	+
219	+ NOEXPORT void tls_platform_init();
220	+-#if OPENSSL_VERSION_NUMBER<0x10100000L
221	++#if OPENSSL_VERSION_NUMBER<0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
222	+ NOEXPORT void free_function(void *);
223	+ #endif
224	+
225	+@@ -52,7 +52,7 @@ void tls_init() {
226	+ tls_platform_init();
227	+ tls_initialized=1;
228	+ ui_tls=tls_alloc(NULL, NULL, "ui");
229	+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
230	++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
231	+ CRYPTO_set_mem_functions(str_alloc_detached_debug,
232	+ str_realloc_detached_debug, str_free_debug);
233	+ #else
234	+@@ -184,7 +184,7 @@ TLS_DATA *tls_get() {
235	+
236	+ /**************************************** OpenSSL allocator hook */
237	+
238	+-#if OPENSSL_VERSION_NUMBER<0x10100000L
239	++#if OPENSSL_VERSION_NUMBER<0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
240	+ NOEXPORT void free_function(void *ptr) {
241	+ /* CRYPTO_set_mem_ex_functions() needs a function rather than a macro */
242	+ /* unfortunately, OpenSSL provides no file:line information here */
243	+diff --git a/src/verify.c b/src/verify.c
244	+index b4b5115..0457ce0 100644
245	+--- a/src/verify.c
246	++++ b/src/verify.c
247	+@@ -346,7 +346,7 @@ NOEXPORT int cert_check_local(X509_STORE_CTX *callback_ctx) {
248	+ cert=X509_STORE_CTX_get_current_cert(callback_ctx);
249	+ subject=X509_get_subject_name(cert);
250	+
251	+-#if OPENSSL_VERSION_NUMBER<0x10100006L
252	++#if OPENSSL_VERSION_NUMBER<0x10100006L \|\| defined(LIBRESSL_VERSION_NUMBER)
253	+ #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs
254	+ #endif
255	+ /* modern API allows retrieving multiple matching certificates */
256
257	diff --git a/net-misc/stunnel/stunnel-5.50.ebuild b/net-misc/stunnel/stunnel-5.50-r1.ebuild
258	similarity index 96%
259	rename from net-misc/stunnel/stunnel-5.50.ebuild
260	rename to net-misc/stunnel/stunnel-5.50-r1.ebuild
261	index 428e58d9d2b..c2c51a0ff50 100644
262	--- a/net-misc/stunnel/stunnel-5.50.ebuild
263	+++ b/net-misc/stunnel/stunnel-5.50-r1.ebuild
264	@@ -1,4 +1,4 @@
265	-# Copyright 1999-2018 Gentoo Authors
266	+# Copyright 1999-2019 Gentoo Authors
267	# Distributed under the terms of the GNU General Public License v2
268
269	EAPI="6"
270	@@ -39,8 +39,8 @@ src_prepare() {
271	sed -i -e "s/^install-data-local:/do-not-run-this:/" \
272	tools/Makefile.in \|\| die "sed failed"
273
274	- # libressl compat
275	- eapply "${FILESDIR}"/${PN}-5.48-compat-libressl.patch
276	+ # bug 656420
277	+ eapply "${FILESDIR}"/${P}-libressl.patch
278
279	echo "CONFIG_PROTECT=\"/etc/stunnel/stunnel.conf\"" > "${T}"/20stunnel

Gentoo Archives: gentoo-commits