From: "Anthony G. Basile" <blueness@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/stunnel/files/, net-misc/stunnel/
Date: Sat, 28 Jan 2017 13:23:03 +0000 (UTC) [thread overview]
Message-ID: <1485609756.ed175c5284d66d77c891808de3239f187ee636f4.blueness@gentoo> (raw)
commit: ed175c5284d66d77c891808de3239f187ee636f4
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Sat Jan 28 13:22:36 2017 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sat Jan 28 13:22:36 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ed175c52
net-misc/stunnel: fix build on libressl, bug #584298
Package-Manager: portage-2.3.3
.../files/stunnel-5.39-compat-libressl.patch | 132 +++++++++++++++++++++
net-misc/stunnel/stunnel-5.39.ebuild | 2 +-
2 files changed, 133 insertions(+), 1 deletion(-)
diff --git a/net-misc/stunnel/files/stunnel-5.39-compat-libressl.patch b/net-misc/stunnel/files/stunnel-5.39-compat-libressl.patch
new file mode 100644
index 00000000..7c4f743
--- /dev/null
+++ b/net-misc/stunnel/files/stunnel-5.39-compat-libressl.patch
@@ -0,0 +1,132 @@
+diff -Naur stunnel-5.30.orig/src/ctx.c stunnel-5.30/src/ctx.c
+--- stunnel-5.30.orig/src/ctx.c 2016-01-15 16:45:23.000000000 +0000
++++ stunnel-5.30/src/ctx.c 2016-05-14 15:16:47.392859450 +0000
+@@ -359,7 +359,7 @@
+ /**************************************** initialize OpenSSL CONF */
+
+ NOEXPORT int conf_init(SERVICE_OPTIONS *section) {
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ SSL_CONF_CTX *cctx;
+ NAME_LIST *curr;
+ char *cmd, *param;
+diff -Naur stunnel-5.30.orig/src/verify.c stunnel-5.30/src/verify.c
+--- stunnel-5.30.orig/src/verify.c 2016-01-15 16:45:23.000000000 +0000
++++ stunnel-5.30/src/verify.c 2016-05-14 15:16:10.369860180 +0000
+@@ -51,7 +51,7 @@
+ NOEXPORT int verify_callback(int, X509_STORE_CTX *);
+ NOEXPORT int verify_checks(CLI *, int, X509_STORE_CTX *);
+ NOEXPORT int cert_check(CLI *, X509_STORE_CTX *, int);
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ NOEXPORT int cert_check_subject(CLI *, X509_STORE_CTX *);
+ #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
+ NOEXPORT int cert_check_local(X509_STORE_CTX *);
+@@ -280,7 +280,7 @@
+ }
+
+ if(depth==0) { /* additional peer certificate checks */
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ if(!cert_check_subject(c, callback_ctx))
+ return 0; /* reject */
+ #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
+@@ -291,7 +291,7 @@
+ return 1; /* accept */
+ }
+
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ NOEXPORT int cert_check_subject(CLI *c, X509_STORE_CTX *callback_ctx) {
+ X509 *cert=X509_STORE_CTX_get_current_cert(callback_ctx);
+ NAME_LIST *ptr;
+diff --git a/src/common.h b/src/common.h
+index 93f165e..491d9de 100644
+--- a/src/common.h
++++ b/src/common.h
+@@ -448,7 +448,7 @@ extern char *sys_errlist[];
+ #define OPENSSL_NO_TLS1_2
+ #endif /* OpenSSL older than 1.0.1 || defined(OPENSSL_NO_TLS1) */
+
+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ #ifndef OPENSSL_NO_SSL2
+ #define OPENSSL_NO_SSL2
+ #endif /* !defined(OPENSSL_NO_SSL2) */
+@@ -474,7 +474,7 @@ extern char *sys_errlist[];
+ #include <openssl/des.h>
+ #ifndef OPENSSL_NO_DH
+ #include <openssl/dh.h>
+-#if OPENSSL_VERSION_NUMBER<0x10100000L
++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ #endif /* OpenSSL older than 1.1.0 */
+ #endif /* !defined(OPENSSL_NO_DH) */
+diff --git a/src/prototypes.h b/src/prototypes.h
+index 303ff77..ae22598 100644
+--- a/src/prototypes.h
++++ b/src/prototypes.h
+@@ -664,13 +664,13 @@ typedef enum {
+ #endif /* OPENSSL_NO_DH */
+ STUNNEL_LOCKS /* number of locks */
+ } LOCK_TYPE;
+-#if OPENSSL_VERSION_NUMBER < 0x10100004L
++#if OPENSSL_VERSION_NUMBER < 0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
+ typedef int STUNNEL_RWLOCK;
+ #else
+ typedef CRYPTO_RWLOCK *STUNNEL_RWLOCK;
+ #endif
+ extern STUNNEL_RWLOCK stunnel_locks[STUNNEL_LOCKS];
+-#if OPENSSL_VERSION_NUMBER>=0x10100004L
++#if OPENSSL_VERSION_NUMBER>=0x10100004L && !defined(LIBRESSL_VERSION_NUMBER)
+ #define CRYPTO_THREAD_read_unlock(type) CRYPTO_THREAD_unlock(type)
+ #define CRYPTO_THREAD_write_unlock(type) CRYPTO_THREAD_unlock(type)
+ #else
+diff --git a/src/ssl.c b/src/ssl.c
+index a7af7e6..1483734 100644
+--- a/src/ssl.c
++++ b/src/ssl.c
+@@ -50,7 +50,7 @@ NOEXPORT int add_rand_file(GLOBAL_OPTIONS *, const char *);
+ int index_cli, index_opt, index_redirect, index_addr;
+
+ int ssl_init(void) { /* init TLS before parsing configuration file */
+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS |
+ OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
+ #else
+@@ -83,7 +83,7 @@ int ssl_init(void) { /* init TLS before parsing configuration file */
+ }
+
+ #ifndef OPENSSL_NO_DH
+-#if OPENSSL_VERSION_NUMBER<0x10100000L
++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ /* this is needed for dhparam.c generated with OpenSSL >= 1.1.0
+ * to be linked against the older versions */
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
+diff --git a/src/sthreads.c b/src/sthreads.c
+index 59c24a2..04fb256 100644
+--- a/src/sthreads.c
++++ b/src/sthreads.c
+@@ -47,7 +47,7 @@
+ STUNNEL_RWLOCK stunnel_locks[STUNNEL_LOCKS];
+ #endif
+
+-#if OPENSSL_VERSION_NUMBER<0x10100004L
++#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
+ #define CRYPTO_THREAD_lock_new() CRYPTO_get_new_dynlockid()
+ #endif
+
+diff --git a/src/verify.c b/src/verify.c
+index ac1c3ee..3e3bda4 100644
+--- a/src/verify.c
++++ b/src/verify.c
+@@ -348,7 +348,7 @@ NOEXPORT int cert_check_local(X509_STORE_CTX *callback_ctx) {
+ cert=X509_STORE_CTX_get_current_cert(callback_ctx);
+ subject=X509_get_subject_name(cert);
+
+-#if OPENSSL_VERSION_NUMBER>=0x10000000L
++#if OPENSSL_VERSION_NUMBER>=0x10000000L && !defined(LIBRESSL_VERSION_NUMBER)
+ #if OPENSSL_VERSION_NUMBER<0x10100006L
+ #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs
+ #endif
diff --git a/net-misc/stunnel/stunnel-5.39.ebuild b/net-misc/stunnel/stunnel-5.39.ebuild
index 4275ec9..b1e4715 100644
--- a/net-misc/stunnel/stunnel-5.39.ebuild
+++ b/net-misc/stunnel/stunnel-5.39.ebuild
@@ -41,7 +41,7 @@ src_prepare() {
tools/Makefile.in || die "sed failed"
# libressl compat
- eapply "${FILESDIR}"/stunnel-compat-libressl.patch
+ eapply "${FILESDIR}"/${P}-compat-libressl.patch
echo "CONFIG_PROTECT=\"/etc/stunnel/stunnel.conf\"" > "${T}"/20stunnel
next reply other threads:[~2017-01-28 13:23 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-28 13:23 Anthony G. Basile [this message]
-- strict thread matches above, loose matches on Subject: below --
2023-10-04 15:57 [gentoo-commits] repo/gentoo:master commit in: net-misc/stunnel/files/, net-misc/stunnel/ Sam James
2019-05-22 5:49 Stefan Strogin
2019-04-24 4:56 Aaron Bauman
2018-07-09 2:35 Anthony G. Basile
2016-05-11 14:23 Anthony G. Basile
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1485609756.ed175c5284d66d77c891808de3239f187ee636f4.blueness@gentoo \
--to=blueness@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox