* [gentoo-commits] repo/gentoo:master commit in: net-libs/neon/, net-libs/neon/files/
@ 2016-02-17 21:08 Alexis Ballier
0 siblings, 0 replies; 3+ messages in thread
From: Alexis Ballier @ 2016-02-17 21:08 UTC (permalink / raw
To: gentoo-commits
commit: 8de0c5c4f0e7c862d82893a94945d32b4cc38076
Author: Alexis Ballier <aballier <AT> gentoo <DOT> org>
AuthorDate: Wed Feb 17 20:12:14 2016 +0000
Commit: Alexis Ballier <aballier <AT> gentoo <DOT> org>
CommitDate: Wed Feb 17 21:08:07 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8de0c5c4
net-libs/neon: Import patch from debian & upstream to fix build with gnutls 3.4. Bug #546114.
Package-Manager: portage-2.2.27
Signed-off-by: Alexis Ballier <aballier <AT> gentoo.org>
net-libs/neon/files/neon-0.30.1-gnutls3.4.patch | 282 ++++++++++++++++++++++++
net-libs/neon/neon-0.30.1-r1.ebuild | 3 +-
2 files changed, 284 insertions(+), 1 deletion(-)
diff --git a/net-libs/neon/files/neon-0.30.1-gnutls3.4.patch b/net-libs/neon/files/neon-0.30.1-gnutls3.4.patch
new file mode 100644
index 0000000..c5165a0
--- /dev/null
+++ b/net-libs/neon/files/neon-0.30.1-gnutls3.4.patch
@@ -0,0 +1,282 @@
+Description: fix building with GnuTLS 3.4
+ Rewrite GnuTLS PKCS#11 support to work (exclusively) with the new
+ GnuTLS 3.x API.
+Origin: upstream, r1963
+Author: Joe Orton <joe@light.plus.com>
+Bug-Debian: https://bugs.debian.org/782832
+Last-Update: 2015-10-03
+
+---
+
+--- neon27-0.30.1.orig/macros/neon.m4
++++ neon27-0.30.1/macros/neon.m4
+@@ -982,10 +982,11 @@ gnutls)
+
+ # Check for functions in later releases
+ NE_CHECK_FUNCS([gnutls_session_get_data2 gnutls_x509_dn_get_rdn_ava \
+- gnutls_sign_callback_set \
+ gnutls_certificate_get_issuer \
+ gnutls_certificate_get_x509_cas \
+- gnutls_x509_crt_sign2])
++ gnutls_x509_crt_sign2 \
++ gnutls_certificate_set_retrieve_function2 \
++ gnutls_privkey_import_ext])
+
+ # fail if gnutls_x509_crt_sign2 is not found (it was introduced in 1.2.0, which is required)
+ if test x${ac_cv_func_gnutls_x509_crt_sign2} != xyes; then
+@@ -1039,7 +1040,7 @@ posix|yes)
+ ;;
+ esac
+
+-case ${with_pakchois}X${ac_cv_func_gnutls_sign_callback_set}Y${ne_cv_lib_ssl097} in
++case ${with_pakchois}X${ac_cv_func_gnutls_privkey_import_ext}Y${ne_cv_lib_ssl097} in
+ noX*Y*) ;;
+ *X*Yyes|*XyesY*)
+ # PKCS#11... ho!
+--- neon27-0.30.1.orig/src/ne_gnutls.c
++++ neon27-0.30.1/src/ne_gnutls.c
+@@ -89,6 +89,13 @@ struct ne_ssl_client_cert_s {
+ ne_ssl_certificate cert;
+ gnutls_x509_privkey_t pkey;
+ char *friendly_name;
++#ifdef HAVE_GNUTLS_PRIVKEY_IMPORT_EXT
++ /* Signing callback & userdata provided by ne_pkcs11.c. It would
++ * be better to rewrite the whole module to use gnutls_privkey_t
++ * directly, but it seems impossible to dup such an object. */
++ gnutls_privkey_sign_func sign_func;
++ void *sign_ud;
++#endif
+ };
+
+ /* Returns the highest used index in subject (or issuer) DN of
+@@ -525,6 +532,10 @@ static ne_ssl_client_cert *dup_client_ce
+
+ if (cc->keyless) {
+ newcc->keyless = 1;
++#ifdef HAVE_GNUTLS_PRIVKEY_IMPORT_EXT
++ newcc->sign_func = cc->sign_func;
++ newcc->sign_ud = cc->sign_ud;
++#endif
+ }
+ else {
+ ret = gnutls_x509_privkey_init(&newcc->pkey);
+@@ -553,7 +564,15 @@ dup_error:
+ static int provide_client_cert(gnutls_session_t session,
+ const gnutls_datum_t *req_ca_rdn, int nreqs,
+ const gnutls_pk_algorithm_t *sign_algos,
+- int sign_algos_length, gnutls_retr_st *st)
++ int sign_algos_length,
++#ifdef HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION2
++ gnutls_pcert_st **pcert,
++ unsigned int *pcert_length,
++ gnutls_privkey_t *pkey
++#else
++ gnutls_retr2_st *st
++#endif
++ )
+ {
+ ne_session *sess = gnutls_session_get_ptr(session);
+
+@@ -611,27 +630,59 @@ static int provide_client_cert(gnutls_se
+ if (sess->client_cert) {
+ gnutls_certificate_type_t type = gnutls_certificate_type_get(session);
+ if (type == GNUTLS_CRT_X509
+-#if LIBGNUTLS_VERSION_NUMBER > 0x030000
+- /* Ugly hack; prevent segfaults w/GnuTLS 3.0. */
+- && sess->client_cert->pkey != NULL
++ && (sess->client_cert->pkey || sess->client_cert->keyless)) {
++ int ret;
++
++#ifdef HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION2
++ *pkey = gnutls_malloc(sizeof *pkey);
++ gnutls_privkey_init(pkey);
++
++#ifdef HAVE_GNUTLS_PRIVKEY_IMPORT_EXT
++ if (sess->client_cert->sign_func) {
++ int algo = gnutls_x509_crt_get_pk_algorithm(sess->client_cert->cert.subject, NULL);
++ NE_DEBUG(NE_DBG_SSL, "ssl: Signing for %s.\n", gnutls_pk_algorithm_get_name(algo));
++
++ ret = gnutls_privkey_import_ext(*pkey, algo, sess->client_cert->sign_ud,
++ sess->client_cert->sign_func, NULL, 0);
++ }
++ else
+ #endif
+- ) {
+- NE_DEBUG(NE_DBG_SSL, "Supplying client certificate.\n");
++ if (sess->client_cert->keyless) {
++ ret = GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
++ }
++ else {
++ ret = gnutls_privkey_import_x509(*pkey, sess->client_cert->pkey, 0);
++ }
+
+- st->type = type;
++ if (ret) {
++ NE_DEBUG(NE_DBG_SSL, "ssl: Failed to import private key: %s.\n", gnutls_strerror(ret));
++ ne_set_error(sess, _("Failed to import private key: %s"), gnutls_strerror(ret));
++ return ret;
++ }
++
++ *pcert = gnutls_malloc(sizeof *pcert);
++ gnutls_pcert_import_x509(*pcert, sess->client_cert->cert.subject, 0);
++ *pcert_length = 1;
++#else /* !HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION2 */
++ st->cert_type = type;
+ st->ncerts = 1;
+ st->cert.x509 = &sess->client_cert->cert.subject;
+ st->key.x509 = sess->client_cert->pkey;
+
+ /* tell GNU TLS not to deallocate the certs. */
+ st->deinit_all = 0;
++#endif
+ } else {
+ return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
+ }
+ }
+ else {
+- NE_DEBUG(NE_DBG_SSL, "No client certificate supplied.\n");
++ NE_DEBUG(NE_DBG_SSL, "ssl: No client certificate supplied.\n");
++#ifdef HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION2
++ *pcert_length = 0;
++#else
+ st->ncerts = 0;
++#endif
+ sess->ssl_cc_requested = 1;
+ return 0;
+ }
+@@ -649,8 +700,12 @@ ne_ssl_context *ne_ssl_context_create(in
+ ne_ssl_context *ctx = ne_calloc(sizeof *ctx);
+ gnutls_certificate_allocate_credentials(&ctx->cred);
+ if (flags == NE_SSL_CTX_CLIENT) {
++#ifdef HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION2
++ gnutls_certificate_set_retrieve_function2(ctx->cred, provide_client_cert);
++#else
+ gnutls_certificate_client_set_retrieve_function(ctx->cred,
+ provide_client_cert);
++#endif
+ }
+ gnutls_certificate_set_verify_flags(ctx->cred,
+ GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
+@@ -1206,8 +1261,10 @@ ne_ssl_client_cert *ne_ssl_clicert_impor
+ }
+ }
+
+-ne_ssl_client_cert *ne__ssl_clicert_exkey_import(const unsigned char *der,
+- size_t der_len)
++#ifdef HAVE_GNUTLS_PRIVKEY_IMPORT_EXT
++ne_ssl_client_cert *ne__ssl_clicert_exkey_import(const unsigned char *der, size_t der_len,
++ gnutls_privkey_sign_func sign_func,
++ void *userdata)
+ {
+ ne_ssl_client_cert *cc;
+ gnutls_x509_crt_t x5;
+@@ -1226,9 +1283,12 @@ ne_ssl_client_cert *ne__ssl_clicert_exke
+ cc->keyless = 1;
+ cc->decrypted = 1;
+ populate_cert(&cc->cert, x5);
++ cc->sign_func = sign_func;
++ cc->sign_ud = userdata;
+
+- return cc;
++ return cc;
+ }
++#endif
+
+ int ne_ssl_clicert_encrypted(const ne_ssl_client_cert *cc)
+ {
+--- neon27-0.30.1.orig/src/ne_pkcs11.c
++++ neon27-0.30.1/src/ne_pkcs11.c
+@@ -156,6 +156,13 @@ static RSA_METHOD *pk11_rsa_method(ne_ss
+ }
+ #endif
+
++#ifdef HAVE_GNUTLS
++static int pk11_sign_callback(gnutls_privkey_t pkey,
++ void *userdata,
++ const gnutls_datum_t *raw_data,
++ gnutls_datum_t *signature);
++#endif
++
+ static int pk11_find_x509(ne_ssl_pkcs11_provider *prov,
+ pakchois_session_t *pks,
+ unsigned char *certid, unsigned long *cid_len)
+@@ -203,7 +210,7 @@ static int pk11_find_x509(ne_ssl_pkcs11_
+ ne_ssl_client_cert *cc;
+
+ #ifdef HAVE_GNUTLS
+- cc = ne__ssl_clicert_exkey_import(value, a[0].value_len);
++ cc = ne__ssl_clicert_exkey_import(value, a[0].value_len, pk11_sign_callback, prov);
+ #else
+ cc = ne__ssl_clicert_exkey_import(value, a[0].value_len, pk11_rsa_method(prov));
+ #endif
+@@ -298,10 +305,8 @@ static int find_client_cert(ne_ssl_pkcs1
+ #ifdef HAVE_GNUTLS
+ /* Callback invoked by GnuTLS to provide the signature. The signature
+ * operation is handled here by the PKCS#11 provider. */
+-static int pk11_sign_callback(gnutls_session_t session,
++static int pk11_sign_callback(gnutls_privkey_t pkey,
+ void *userdata,
+- gnutls_certificate_type_t cert_type,
+- const gnutls_datum_t *cert,
+ const gnutls_datum_t *hash,
+ gnutls_datum_t *signature)
+ {
+@@ -571,11 +576,6 @@ void ne_ssl_pkcs11_provider_pin(ne_ssl_p
+ void ne_ssl_set_pkcs11_provider(ne_session *sess,
+ ne_ssl_pkcs11_provider *provider)
+ {
+-#ifdef HAVE_GNUTLS
+- sess->ssl_context->sign_func = pk11_sign_callback;
+- sess->ssl_context->sign_data = provider;
+-#endif
+-
+ ne_ssl_provide_clicert(sess, pk11_provide, provider);
+ }
+
+--- neon27-0.30.1.orig/src/ne_privssl.h
++++ neon27-0.30.1/src/ne_privssl.h
+@@ -58,6 +58,10 @@ ne__ssl_clicert_exkey_import(const unsig
+
+ #include <gnutls/gnutls.h>
+
++#ifdef HAVE_GNUTLS_PRIVKEY_IMPORT_EXT
++#include <gnutls/abstract.h>
++#endif
++
+ struct ne_ssl_context_s {
+ gnutls_certificate_credentials_t cred;
+ int verify; /* non-zero if client cert verification required */
+@@ -78,17 +82,13 @@ struct ne_ssl_context_s {
+ } client;
+ #endif
+ } cache;
+-
+-#ifdef HAVE_GNUTLS_SIGN_CALLBACK_SET
+- gnutls_sign_func sign_func;
+- void *sign_data;
+-#endif
+ };
+
+ typedef gnutls_session_t ne_ssl_socket;
+
+ NE_PRIVATE ne_ssl_client_cert *
+-ne__ssl_clicert_exkey_import(const unsigned char *der, size_t der_len);
++ne__ssl_clicert_exkey_import(const unsigned char *der, size_t der_len,
++ gnutls_privkey_sign_func sign_func, void *userdata);
+
+ #endif /* HAVE_GNUTLS */
+
+--- neon27-0.30.1.orig/src/ne_socket.c
++++ neon27-0.30.1/src/ne_socket.c
+@@ -1793,11 +1793,6 @@ int ne_sock_connect_ssl(ne_socket *sock,
+ gnutls_session_set_ptr(sock->ssl, userdata);
+ gnutls_credentials_set(sock->ssl, GNUTLS_CRD_CERTIFICATE, ctx->cred);
+
+-#ifdef HAVE_GNUTLS_SIGN_CALLBACK_SET
+- if (ctx->sign_func)
+- gnutls_sign_callback_set(sock->ssl, ctx->sign_func, ctx->sign_data);
+-#endif
+-
+ if (ctx->hostname) {
+ gnutls_server_name_set(sock->ssl, GNUTLS_NAME_DNS, ctx->hostname,
+ strlen(ctx->hostname));
diff --git a/net-libs/neon/neon-0.30.1-r1.ebuild b/net-libs/neon/neon-0.30.1-r1.ebuild
index c2b7f79..e4de832 100644
--- a/net-libs/neon/neon-0.30.1-r1.ebuild
+++ b/net-libs/neon/neon-0.30.1-r1.ebuild
@@ -56,7 +56,8 @@ src_prepare() {
done
sed -e "s/ALL_LINGUAS=.*/ALL_LINGUAS=\"${linguas}\"/" -i configure.ac || die
- epatch "${FILESDIR}"/${P}-xml2-config.patch
+ epatch "${FILESDIR}"/${P}-xml2-config.patch \
+ "${FILESDIR}"/${P}-gnutls3.4.patch
AT_M4DIR="macros" eautoreconf
elibtoolize
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-libs/neon/, net-libs/neon/files/
@ 2017-04-04 19:50 Mike Gilbert
0 siblings, 0 replies; 3+ messages in thread
From: Mike Gilbert @ 2017-04-04 19:50 UTC (permalink / raw
To: gentoo-commits
commit: 37d5df616f6355b44c93aee48c76e22e1aca48ec
Author: Arfrever Frehtes Taifersar Arahesis <Arfrever <AT> Apache <DOT> Org>
AuthorDate: Sun Apr 2 19:23:39 2017 +0000
Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Tue Apr 4 19:50:05 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=37d5df61
net-libs/neon: Delete old versions.
net-libs/neon/Manifest | 2 -
net-libs/neon/files/neon-0.30.1-gnutls3.4.patch | 282 ----------------------
net-libs/neon/files/neon-0.30.1-xml2-config.patch | 15 --
net-libs/neon/neon-0.30.0-r1.ebuild | 107 --------
net-libs/neon/neon-0.30.0.ebuild | 95 --------
net-libs/neon/neon-0.30.1-r1.ebuild | 111 ---------
net-libs/neon/neon-0.30.1.ebuild | 109 ---------
7 files changed, 721 deletions(-)
diff --git a/net-libs/neon/Manifest b/net-libs/neon/Manifest
index 253841ba349..1b6c985bd5a 100644
--- a/net-libs/neon/Manifest
+++ b/net-libs/neon/Manifest
@@ -1,3 +1 @@
-DIST neon-0.30.0.tar.gz 909989 SHA256 2962cfcb5d30f3272e3d2fa0e473434419770a3801afe3d46e5d1650787990c2 SHA512 67f8a6c5549c37d984d8a0af88cd93c8c51593fa995662fd686e47acb630143d7b0c02c09d3c19f6a0181e0ff82940618cf72a76f9cb17bb964293f4118f013e WHIRLPOOL 75df16aae54410e97887ad1b1d45a17e58868cffff7d929f511c4840179ace1500c33228b02de7a038b9620d729e5153e1e14cc916ed1af9ce90bf4c49fb4b71
-DIST neon-0.30.1.tar.gz 911414 SHA256 00c626c0dc18d094ab374dbd9a354915bfe4776433289386ed489c2ec0845cdd SHA512 4a9e45c886e04c5e1a1c781f7c2544b73724e09745097b1e8dc9adf9acd79af1762d668d4f18c295d7b4148d57af797834dd3c1203f2529089f7d1972ca71e63 WHIRLPOOL 747385544f0fbacc6c39fa5911ee5a21654ac21ecea89f297c17b43c21a7a649ae47b08b155733e9da0286a24024f4e54dcff3c9c2d678d9abe27f83054d718b
DIST neon-0.30.2.tar.gz 932779 SHA256 db0bd8cdec329b48f53a6f00199c92d5ba40b0f015b153718d1b15d3d967fbca SHA512 634caf87522e0bd2695c6fba39cae2465e403f9fbd8007eb10e4e035c765d24cb8da932c67bfa35c34aa51b90c7bc7037ebebaa1ec43259366d5d07233efc631 WHIRLPOOL 977464fc686727dcbdb9def45159d783586fceb289c0eca937429ae3d2b39d9c6bb63a5029be566107d415718ee6ab315b8167c02b3093884757932f89e3b704
diff --git a/net-libs/neon/files/neon-0.30.1-gnutls3.4.patch b/net-libs/neon/files/neon-0.30.1-gnutls3.4.patch
deleted file mode 100644
index c5165a0958a..00000000000
--- a/net-libs/neon/files/neon-0.30.1-gnutls3.4.patch
+++ /dev/null
@@ -1,282 +0,0 @@
-Description: fix building with GnuTLS 3.4
- Rewrite GnuTLS PKCS#11 support to work (exclusively) with the new
- GnuTLS 3.x API.
-Origin: upstream, r1963
-Author: Joe Orton <joe@light.plus.com>
-Bug-Debian: https://bugs.debian.org/782832
-Last-Update: 2015-10-03
-
----
-
---- neon27-0.30.1.orig/macros/neon.m4
-+++ neon27-0.30.1/macros/neon.m4
-@@ -982,10 +982,11 @@ gnutls)
-
- # Check for functions in later releases
- NE_CHECK_FUNCS([gnutls_session_get_data2 gnutls_x509_dn_get_rdn_ava \
-- gnutls_sign_callback_set \
- gnutls_certificate_get_issuer \
- gnutls_certificate_get_x509_cas \
-- gnutls_x509_crt_sign2])
-+ gnutls_x509_crt_sign2 \
-+ gnutls_certificate_set_retrieve_function2 \
-+ gnutls_privkey_import_ext])
-
- # fail if gnutls_x509_crt_sign2 is not found (it was introduced in 1.2.0, which is required)
- if test x${ac_cv_func_gnutls_x509_crt_sign2} != xyes; then
-@@ -1039,7 +1040,7 @@ posix|yes)
- ;;
- esac
-
--case ${with_pakchois}X${ac_cv_func_gnutls_sign_callback_set}Y${ne_cv_lib_ssl097} in
-+case ${with_pakchois}X${ac_cv_func_gnutls_privkey_import_ext}Y${ne_cv_lib_ssl097} in
- noX*Y*) ;;
- *X*Yyes|*XyesY*)
- # PKCS#11... ho!
---- neon27-0.30.1.orig/src/ne_gnutls.c
-+++ neon27-0.30.1/src/ne_gnutls.c
-@@ -89,6 +89,13 @@ struct ne_ssl_client_cert_s {
- ne_ssl_certificate cert;
- gnutls_x509_privkey_t pkey;
- char *friendly_name;
-+#ifdef HAVE_GNUTLS_PRIVKEY_IMPORT_EXT
-+ /* Signing callback & userdata provided by ne_pkcs11.c. It would
-+ * be better to rewrite the whole module to use gnutls_privkey_t
-+ * directly, but it seems impossible to dup such an object. */
-+ gnutls_privkey_sign_func sign_func;
-+ void *sign_ud;
-+#endif
- };
-
- /* Returns the highest used index in subject (or issuer) DN of
-@@ -525,6 +532,10 @@ static ne_ssl_client_cert *dup_client_ce
-
- if (cc->keyless) {
- newcc->keyless = 1;
-+#ifdef HAVE_GNUTLS_PRIVKEY_IMPORT_EXT
-+ newcc->sign_func = cc->sign_func;
-+ newcc->sign_ud = cc->sign_ud;
-+#endif
- }
- else {
- ret = gnutls_x509_privkey_init(&newcc->pkey);
-@@ -553,7 +564,15 @@ dup_error:
- static int provide_client_cert(gnutls_session_t session,
- const gnutls_datum_t *req_ca_rdn, int nreqs,
- const gnutls_pk_algorithm_t *sign_algos,
-- int sign_algos_length, gnutls_retr_st *st)
-+ int sign_algos_length,
-+#ifdef HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION2
-+ gnutls_pcert_st **pcert,
-+ unsigned int *pcert_length,
-+ gnutls_privkey_t *pkey
-+#else
-+ gnutls_retr2_st *st
-+#endif
-+ )
- {
- ne_session *sess = gnutls_session_get_ptr(session);
-
-@@ -611,27 +630,59 @@ static int provide_client_cert(gnutls_se
- if (sess->client_cert) {
- gnutls_certificate_type_t type = gnutls_certificate_type_get(session);
- if (type == GNUTLS_CRT_X509
--#if LIBGNUTLS_VERSION_NUMBER > 0x030000
-- /* Ugly hack; prevent segfaults w/GnuTLS 3.0. */
-- && sess->client_cert->pkey != NULL
-+ && (sess->client_cert->pkey || sess->client_cert->keyless)) {
-+ int ret;
-+
-+#ifdef HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION2
-+ *pkey = gnutls_malloc(sizeof *pkey);
-+ gnutls_privkey_init(pkey);
-+
-+#ifdef HAVE_GNUTLS_PRIVKEY_IMPORT_EXT
-+ if (sess->client_cert->sign_func) {
-+ int algo = gnutls_x509_crt_get_pk_algorithm(sess->client_cert->cert.subject, NULL);
-+ NE_DEBUG(NE_DBG_SSL, "ssl: Signing for %s.\n", gnutls_pk_algorithm_get_name(algo));
-+
-+ ret = gnutls_privkey_import_ext(*pkey, algo, sess->client_cert->sign_ud,
-+ sess->client_cert->sign_func, NULL, 0);
-+ }
-+ else
- #endif
-- ) {
-- NE_DEBUG(NE_DBG_SSL, "Supplying client certificate.\n");
-+ if (sess->client_cert->keyless) {
-+ ret = GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
-+ }
-+ else {
-+ ret = gnutls_privkey_import_x509(*pkey, sess->client_cert->pkey, 0);
-+ }
-
-- st->type = type;
-+ if (ret) {
-+ NE_DEBUG(NE_DBG_SSL, "ssl: Failed to import private key: %s.\n", gnutls_strerror(ret));
-+ ne_set_error(sess, _("Failed to import private key: %s"), gnutls_strerror(ret));
-+ return ret;
-+ }
-+
-+ *pcert = gnutls_malloc(sizeof *pcert);
-+ gnutls_pcert_import_x509(*pcert, sess->client_cert->cert.subject, 0);
-+ *pcert_length = 1;
-+#else /* !HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION2 */
-+ st->cert_type = type;
- st->ncerts = 1;
- st->cert.x509 = &sess->client_cert->cert.subject;
- st->key.x509 = sess->client_cert->pkey;
-
- /* tell GNU TLS not to deallocate the certs. */
- st->deinit_all = 0;
-+#endif
- } else {
- return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
- }
- }
- else {
-- NE_DEBUG(NE_DBG_SSL, "No client certificate supplied.\n");
-+ NE_DEBUG(NE_DBG_SSL, "ssl: No client certificate supplied.\n");
-+#ifdef HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION2
-+ *pcert_length = 0;
-+#else
- st->ncerts = 0;
-+#endif
- sess->ssl_cc_requested = 1;
- return 0;
- }
-@@ -649,8 +700,12 @@ ne_ssl_context *ne_ssl_context_create(in
- ne_ssl_context *ctx = ne_calloc(sizeof *ctx);
- gnutls_certificate_allocate_credentials(&ctx->cred);
- if (flags == NE_SSL_CTX_CLIENT) {
-+#ifdef HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION2
-+ gnutls_certificate_set_retrieve_function2(ctx->cred, provide_client_cert);
-+#else
- gnutls_certificate_client_set_retrieve_function(ctx->cred,
- provide_client_cert);
-+#endif
- }
- gnutls_certificate_set_verify_flags(ctx->cred,
- GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
-@@ -1206,8 +1261,10 @@ ne_ssl_client_cert *ne_ssl_clicert_impor
- }
- }
-
--ne_ssl_client_cert *ne__ssl_clicert_exkey_import(const unsigned char *der,
-- size_t der_len)
-+#ifdef HAVE_GNUTLS_PRIVKEY_IMPORT_EXT
-+ne_ssl_client_cert *ne__ssl_clicert_exkey_import(const unsigned char *der, size_t der_len,
-+ gnutls_privkey_sign_func sign_func,
-+ void *userdata)
- {
- ne_ssl_client_cert *cc;
- gnutls_x509_crt_t x5;
-@@ -1226,9 +1283,12 @@ ne_ssl_client_cert *ne__ssl_clicert_exke
- cc->keyless = 1;
- cc->decrypted = 1;
- populate_cert(&cc->cert, x5);
-+ cc->sign_func = sign_func;
-+ cc->sign_ud = userdata;
-
-- return cc;
-+ return cc;
- }
-+#endif
-
- int ne_ssl_clicert_encrypted(const ne_ssl_client_cert *cc)
- {
---- neon27-0.30.1.orig/src/ne_pkcs11.c
-+++ neon27-0.30.1/src/ne_pkcs11.c
-@@ -156,6 +156,13 @@ static RSA_METHOD *pk11_rsa_method(ne_ss
- }
- #endif
-
-+#ifdef HAVE_GNUTLS
-+static int pk11_sign_callback(gnutls_privkey_t pkey,
-+ void *userdata,
-+ const gnutls_datum_t *raw_data,
-+ gnutls_datum_t *signature);
-+#endif
-+
- static int pk11_find_x509(ne_ssl_pkcs11_provider *prov,
- pakchois_session_t *pks,
- unsigned char *certid, unsigned long *cid_len)
-@@ -203,7 +210,7 @@ static int pk11_find_x509(ne_ssl_pkcs11_
- ne_ssl_client_cert *cc;
-
- #ifdef HAVE_GNUTLS
-- cc = ne__ssl_clicert_exkey_import(value, a[0].value_len);
-+ cc = ne__ssl_clicert_exkey_import(value, a[0].value_len, pk11_sign_callback, prov);
- #else
- cc = ne__ssl_clicert_exkey_import(value, a[0].value_len, pk11_rsa_method(prov));
- #endif
-@@ -298,10 +305,8 @@ static int find_client_cert(ne_ssl_pkcs1
- #ifdef HAVE_GNUTLS
- /* Callback invoked by GnuTLS to provide the signature. The signature
- * operation is handled here by the PKCS#11 provider. */
--static int pk11_sign_callback(gnutls_session_t session,
-+static int pk11_sign_callback(gnutls_privkey_t pkey,
- void *userdata,
-- gnutls_certificate_type_t cert_type,
-- const gnutls_datum_t *cert,
- const gnutls_datum_t *hash,
- gnutls_datum_t *signature)
- {
-@@ -571,11 +576,6 @@ void ne_ssl_pkcs11_provider_pin(ne_ssl_p
- void ne_ssl_set_pkcs11_provider(ne_session *sess,
- ne_ssl_pkcs11_provider *provider)
- {
--#ifdef HAVE_GNUTLS
-- sess->ssl_context->sign_func = pk11_sign_callback;
-- sess->ssl_context->sign_data = provider;
--#endif
--
- ne_ssl_provide_clicert(sess, pk11_provide, provider);
- }
-
---- neon27-0.30.1.orig/src/ne_privssl.h
-+++ neon27-0.30.1/src/ne_privssl.h
-@@ -58,6 +58,10 @@ ne__ssl_clicert_exkey_import(const unsig
-
- #include <gnutls/gnutls.h>
-
-+#ifdef HAVE_GNUTLS_PRIVKEY_IMPORT_EXT
-+#include <gnutls/abstract.h>
-+#endif
-+
- struct ne_ssl_context_s {
- gnutls_certificate_credentials_t cred;
- int verify; /* non-zero if client cert verification required */
-@@ -78,17 +82,13 @@ struct ne_ssl_context_s {
- } client;
- #endif
- } cache;
--
--#ifdef HAVE_GNUTLS_SIGN_CALLBACK_SET
-- gnutls_sign_func sign_func;
-- void *sign_data;
--#endif
- };
-
- typedef gnutls_session_t ne_ssl_socket;
-
- NE_PRIVATE ne_ssl_client_cert *
--ne__ssl_clicert_exkey_import(const unsigned char *der, size_t der_len);
-+ne__ssl_clicert_exkey_import(const unsigned char *der, size_t der_len,
-+ gnutls_privkey_sign_func sign_func, void *userdata);
-
- #endif /* HAVE_GNUTLS */
-
---- neon27-0.30.1.orig/src/ne_socket.c
-+++ neon27-0.30.1/src/ne_socket.c
-@@ -1793,11 +1793,6 @@ int ne_sock_connect_ssl(ne_socket *sock,
- gnutls_session_set_ptr(sock->ssl, userdata);
- gnutls_credentials_set(sock->ssl, GNUTLS_CRD_CERTIFICATE, ctx->cred);
-
--#ifdef HAVE_GNUTLS_SIGN_CALLBACK_SET
-- if (ctx->sign_func)
-- gnutls_sign_callback_set(sock->ssl, ctx->sign_func, ctx->sign_data);
--#endif
--
- if (ctx->hostname) {
- gnutls_server_name_set(sock->ssl, GNUTLS_NAME_DNS, ctx->hostname,
- strlen(ctx->hostname));
diff --git a/net-libs/neon/files/neon-0.30.1-xml2-config.patch b/net-libs/neon/files/neon-0.30.1-xml2-config.patch
deleted file mode 100644
index 1290101844c..00000000000
--- a/net-libs/neon/files/neon-0.30.1-xml2-config.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-locate the $CHOST prefixed version of xml2-config by default
-
-would be better to use pkg-config here, but this patch is minimally invasive
-
---- a/macros/neon-xml-parser.m4
-+++ b/macros/neon-xml-parser.m4
-@@ -44,7 +44,7 @@ AC_CHECK_HEADER(expat.h,
-
- dnl Find libxml2: run $1 if found, else $2
- AC_DEFUN([NE_XML_LIBXML2], [
--AC_CHECK_PROG(XML2_CONFIG, xml2-config, xml2-config)
-+AC_CHECK_TOOL(XML2_CONFIG, xml2-config, xml2-config)
- if test -n "$XML2_CONFIG"; then
- neon_xml_parser_message="libxml `$XML2_CONFIG --version`"
- AC_DEFINE(HAVE_LIBXML, 1, [Define if you have libxml])
diff --git a/net-libs/neon/neon-0.30.0-r1.ebuild b/net-libs/neon/neon-0.30.0-r1.ebuild
deleted file mode 100644
index 6778e79114e..00000000000
--- a/net-libs/neon/neon-0.30.0-r1.ebuild
+++ /dev/null
@@ -1,107 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="5"
-
-inherit autotools eutils libtool multilib-minimal
-
-DESCRIPTION="HTTP and WebDAV client library"
-HOMEPAGE="http://www.webdav.org/neon/"
-SRC_URI="http://www.webdav.org/neon/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0/27"
-KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="doc expat gnutls kerberos libproxy nls pkcs11 ssl static-libs zlib"
-IUSE_LINGUAS="cs de fr ja nn pl ru tr zh_CN"
-for lingua in ${IUSE_LINGUAS}; do
- IUSE+=" linguas_${lingua}"
-done
-unset lingua
-RESTRICT="test"
-
-RDEPEND="expat? ( >=dev-libs/expat-2.1.0-r3:0=[${MULTILIB_USEDEP}] )
- !expat? ( >=dev-libs/libxml2-2.9.1-r4:2=[${MULTILIB_USEDEP}] )
- gnutls? (
- app-misc/ca-certificates
- >=net-libs/gnutls-2.12.23-r6:0=[${MULTILIB_USEDEP}]
- pkcs11? ( >=dev-libs/pakchois-0.4-r1:0=[${MULTILIB_USEDEP}] )
- )
- !gnutls? ( ssl? (
- >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}]
- pkcs11? ( >=dev-libs/pakchois-0.4-r1:0=[${MULTILIB_USEDEP}] )
- ) )
- kerberos? ( >=virtual/krb5-0-r1:0=[${MULTILIB_USEDEP}] )
- libproxy? ( >=net-libs/libproxy-0.4.11-r1:0=[${MULTILIB_USEDEP}] )
- nls? ( >=virtual/libintl-0-r1:0=[${MULTILIB_USEDEP}] )
- zlib? ( >=sys-libs/zlib-1.2.8-r1:0=[${MULTILIB_USEDEP}] )"
-DEPEND="${RDEPEND}
- >=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}]"
-RDEPEND="${RDEPEND}
- abi_x86_32? (
- !<=app-emulation/emul-linux-x86-baselibs-20140508-r8
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
- )"
-
-MULTILIB_CHOST_TOOLS=(
- /usr/bin/neon-config
-)
-
-src_prepare() {
- local lingua linguas
- for lingua in ${IUSE_LINGUAS}; do
- use linguas_${lingua} && linguas+=" ${lingua}"
- done
- sed -e "s/ALL_LINGUAS=.*/ALL_LINGUAS=\"${linguas}\"/" -i configure.in
-
- AT_M4DIR="macros" eautoreconf
-
- elibtoolize
-}
-
-multilib_src_configure() {
- local myconf=()
-
- if has_version sys-libs/glibc; then
- einfo "Enabling SSL library thread-safety using POSIX threads..."
- myconf+=(--enable-threadsafe-ssl=posix)
- fi
-
- if use expat; then
- myconf+=(--with-expat)
- else
- myconf+=(--with-libxml2)
- fi
-
- if use gnutls; then
- myconf+=(--with-ssl=gnutls --with-ca-bundle="${EPREFIX}/etc/ssl/certs/ca-certificates.crt")
- elif use ssl; then
- myconf+=(--with-ssl=openssl)
- fi
-
- ECONF_SOURCE=${S} \
- econf \
- --docdir="${EPREFIX}/usr/share/doc/${PF}" \
- --enable-shared \
- $(use_with kerberos gssapi) \
- $(use_with libproxy) \
- $(use_enable nls) \
- $(use_with pkcs11 pakchois) \
- $(use_enable static-libs static) \
- $(use_with zlib) \
- "${myconf[@]}"
-}
-
-multilib_src_install() {
- emake DESTDIR="${D}" install-{config,headers,lib,man,nls}
-
- if use doc; then
- emake DESTDIR="${D}" install-html
- fi
-}
-
-multilib_src_install_all() {
- prune_libtool_files --all
-
- dodoc AUTHORS BUGS NEWS README THANKS TODO
-}
diff --git a/net-libs/neon/neon-0.30.0.ebuild b/net-libs/neon/neon-0.30.0.ebuild
deleted file mode 100644
index 3a4ae72fd33..00000000000
--- a/net-libs/neon/neon-0.30.0.ebuild
+++ /dev/null
@@ -1,95 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="5"
-
-inherit autotools libtool
-
-DESCRIPTION="HTTP and WebDAV client library"
-HOMEPAGE="http://www.webdav.org/neon/"
-SRC_URI="http://www.webdav.org/neon/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0/27"
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="doc expat gnutls kerberos libproxy nls pkcs11 ssl static-libs zlib"
-IUSE_LINGUAS="cs de fr ja nn pl ru tr zh_CN"
-for lingua in ${IUSE_LINGUAS}; do
- IUSE+=" linguas_${lingua}"
-done
-unset lingua
-RESTRICT="test"
-
-RDEPEND="expat? ( dev-libs/expat:0= )
- !expat? ( dev-libs/libxml2:2= )
- gnutls? (
- app-misc/ca-certificates
- net-libs/gnutls:0=
- pkcs11? ( dev-libs/pakchois:0= )
- )
- !gnutls? ( ssl? (
- dev-libs/openssl:0=
- pkcs11? ( dev-libs/pakchois:0= )
- ) )
- kerberos? ( virtual/krb5:0= )
- libproxy? ( net-libs/libproxy:0= )
- nls? ( virtual/libintl:0= )
- zlib? ( sys-libs/zlib:0= )"
-DEPEND="${RDEPEND}
- virtual/pkgconfig"
-
-src_prepare() {
- local lingua linguas
- for lingua in ${IUSE_LINGUAS}; do
- use linguas_${lingua} && linguas+=" ${lingua}"
- done
- sed -e "s/ALL_LINGUAS=.*/ALL_LINGUAS=\"${linguas}\"/" -i configure.in
-
- AT_M4DIR="macros" eautoreconf
-
- elibtoolize
-}
-
-src_configure() {
- local myconf=()
-
- if has_version sys-libs/glibc; then
- einfo "Enabling SSL library thread-safety using POSIX threads..."
- myconf+=(--enable-threadsafe-ssl=posix)
- fi
-
- if use expat; then
- myconf+=(--with-expat)
- else
- myconf+=(--with-libxml2)
- fi
-
- if use gnutls; then
- myconf+=(--with-ssl=gnutls --with-ca-bundle="${EPREFIX}/etc/ssl/certs/ca-certificates.crt")
- elif use ssl; then
- myconf+=(--with-ssl=openssl)
- fi
-
- econf \
- --docdir="${EPREFIX}/usr/share/doc/${PF}" \
- --enable-shared \
- $(use_with kerberos gssapi) \
- $(use_with libproxy) \
- $(use_enable nls) \
- $(use_with pkcs11 pakchois) \
- $(use_enable static-libs static) \
- $(use_with zlib) \
- "${myconf[@]}"
-}
-
-src_install() {
- emake DESTDIR="${D}" install-{config,headers,lib,man,nls}
-
- find "${ED}" -name "*.la" -delete
-
- if use doc; then
- emake DESTDIR="${D}" install-html
- fi
-
- dodoc AUTHORS BUGS NEWS README THANKS TODO
-}
diff --git a/net-libs/neon/neon-0.30.1-r1.ebuild b/net-libs/neon/neon-0.30.1-r1.ebuild
deleted file mode 100644
index 1a978773242..00000000000
--- a/net-libs/neon/neon-0.30.1-r1.ebuild
+++ /dev/null
@@ -1,111 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="5"
-
-inherit autotools libtool multilib-minimal
-
-DESCRIPTION="HTTP and WebDAV client library"
-HOMEPAGE="http://www.webdav.org/neon/"
-SRC_URI="http://www.webdav.org/neon/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0/27"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="doc expat gnutls kerberos libproxy libressl nls pkcs11 ssl static-libs zlib"
-IUSE_LINGUAS="cs de fr ja nn pl ru tr zh_CN"
-for lingua in ${IUSE_LINGUAS}; do
- IUSE+=" linguas_${lingua}"
-done
-unset lingua
-RESTRICT="test"
-
-RDEPEND="expat? ( dev-libs/expat:0=[${MULTILIB_USEDEP}] )
- !expat? ( dev-libs/libxml2:2=[${MULTILIB_USEDEP}] )
- gnutls? (
- app-misc/ca-certificates
- net-libs/gnutls:0=[${MULTILIB_USEDEP}]
- pkcs11? ( dev-libs/pakchois:0=[${MULTILIB_USEDEP}] )
- )
- !gnutls? ( ssl? (
- !libressl? ( dev-libs/openssl:0=[${MULTILIB_USEDEP}] )
- libressl? ( dev-libs/libressl:=[${MULTILIB_USEDEP}] )
- pkcs11? ( dev-libs/pakchois:0=[${MULTILIB_USEDEP}] )
- ) )
- kerberos? ( virtual/krb5:0=[${MULTILIB_USEDEP}] )
- libproxy? ( net-libs/libproxy:0=[${MULTILIB_USEDEP}] )
- nls? ( virtual/libintl:0=[${MULTILIB_USEDEP}] )
- zlib? ( sys-libs/zlib:0=[${MULTILIB_USEDEP}] )"
-DEPEND="${RDEPEND}
- virtual/pkgconfig[${MULTILIB_USEDEP}]"
-RDEPEND="${RDEPEND}
- abi_x86_32? (
- !<=app-emulation/emul-linux-x86-baselibs-20140508-r8
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
- )"
-
-MULTILIB_CHOST_TOOLS=(
- /usr/bin/neon-config
-)
-
-src_prepare() {
- local lingua linguas
- for lingua in ${IUSE_LINGUAS}; do
- use linguas_${lingua} && linguas+=" ${lingua}"
- done
- sed -e "s/ALL_LINGUAS=.*/ALL_LINGUAS=\"${linguas}\"/" -i configure.ac || die
-
- epatch "${FILESDIR}"/${P}-xml2-config.patch \
- "${FILESDIR}"/${P}-gnutls3.4.patch
- AT_M4DIR="macros" eautoreconf
-
- elibtoolize
-
- multilib_copy_sources
-}
-
-multilib_src_configure() {
- local myconf=()
-
- if has_version sys-libs/glibc; then
- einfo "Enabling SSL library thread-safety using POSIX threads..."
- myconf+=(--enable-threadsafe-ssl=posix)
- fi
-
- if use expat; then
- myconf+=(--with-expat)
- else
- myconf+=(--with-libxml2)
- fi
-
- if use gnutls; then
- myconf+=(--with-ssl=gnutls --with-ca-bundle="${EPREFIX}/etc/ssl/certs/ca-certificates.crt")
- elif use ssl; then
- myconf+=(--with-ssl=openssl)
- fi
-
- econf \
- --docdir="${EPREFIX}/usr/share/doc/${PF}" \
- --enable-shared \
- $(use_with kerberos gssapi) \
- $(use_with libproxy) \
- $(use_enable nls) \
- $(use_with pkcs11 pakchois) \
- $(use_enable static-libs static) \
- $(use_with zlib) \
- "${myconf[@]}"
-}
-
-multilib_src_install() {
- emake DESTDIR="${D}" install-{config,headers,lib,man,nls}
-
- if multilib_is_native_abi && use doc; then
- dohtml -r doc/html/
- fi
-}
-
-multilib_src_install_all() {
- find "${ED}" -name "*.la" -delete
-
- dodoc AUTHORS BUGS NEWS README THANKS TODO
-}
diff --git a/net-libs/neon/neon-0.30.1.ebuild b/net-libs/neon/neon-0.30.1.ebuild
deleted file mode 100644
index 34e157af079..00000000000
--- a/net-libs/neon/neon-0.30.1.ebuild
+++ /dev/null
@@ -1,109 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="5"
-
-inherit autotools libtool multilib-minimal
-
-DESCRIPTION="HTTP and WebDAV client library"
-HOMEPAGE="http://www.webdav.org/neon/"
-SRC_URI="http://www.webdav.org/neon/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0/27"
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="doc expat gnutls kerberos libproxy nls pkcs11 ssl static-libs zlib"
-IUSE_LINGUAS="cs de fr ja nn pl ru tr zh_CN"
-for lingua in ${IUSE_LINGUAS}; do
- IUSE+=" linguas_${lingua}"
-done
-unset lingua
-RESTRICT="test"
-
-RDEPEND="expat? ( dev-libs/expat:0=[${MULTILIB_USEDEP}] )
- !expat? ( dev-libs/libxml2:2=[${MULTILIB_USEDEP}] )
- gnutls? (
- app-misc/ca-certificates
- net-libs/gnutls:0=[${MULTILIB_USEDEP}]
- pkcs11? ( dev-libs/pakchois:0=[${MULTILIB_USEDEP}] )
- )
- !gnutls? ( ssl? (
- dev-libs/openssl:0=[${MULTILIB_USEDEP}]
- pkcs11? ( dev-libs/pakchois:0=[${MULTILIB_USEDEP}] )
- ) )
- kerberos? ( virtual/krb5:0=[${MULTILIB_USEDEP}] )
- libproxy? ( net-libs/libproxy:0=[${MULTILIB_USEDEP}] )
- nls? ( virtual/libintl:0=[${MULTILIB_USEDEP}] )
- zlib? ( sys-libs/zlib:0=[${MULTILIB_USEDEP}] )"
-DEPEND="${RDEPEND}
- virtual/pkgconfig[${MULTILIB_USEDEP}]"
-RDEPEND="${RDEPEND}
- abi_x86_32? (
- !<=app-emulation/emul-linux-x86-baselibs-20140508-r8
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
- )"
-
-MULTILIB_CHOST_TOOLS=(
- /usr/bin/neon-config
-)
-
-src_prepare() {
- local lingua linguas
- for lingua in ${IUSE_LINGUAS}; do
- use linguas_${lingua} && linguas+=" ${lingua}"
- done
- sed -e "s/ALL_LINGUAS=.*/ALL_LINGUAS=\"${linguas}\"/" -i configure.ac || die
-
- epatch "${FILESDIR}"/${P}-xml2-config.patch
- AT_M4DIR="macros" eautoreconf
-
- elibtoolize
-
- multilib_copy_sources
-}
-
-multilib_src_configure() {
- local myconf=()
-
- if has_version sys-libs/glibc; then
- einfo "Enabling SSL library thread-safety using POSIX threads..."
- myconf+=(--enable-threadsafe-ssl=posix)
- fi
-
- if use expat; then
- myconf+=(--with-expat)
- else
- myconf+=(--with-libxml2)
- fi
-
- if use gnutls; then
- myconf+=(--with-ssl=gnutls --with-ca-bundle="${EPREFIX}/etc/ssl/certs/ca-certificates.crt")
- elif use ssl; then
- myconf+=(--with-ssl=openssl)
- fi
-
- econf \
- --docdir="${EPREFIX}/usr/share/doc/${PF}" \
- --enable-shared \
- $(use_with kerberos gssapi) \
- $(use_with libproxy) \
- $(use_enable nls) \
- $(use_with pkcs11 pakchois) \
- $(use_enable static-libs static) \
- $(use_with zlib) \
- "${myconf[@]}"
-}
-
-multilib_src_install() {
- emake DESTDIR="${D}" install-{config,headers,lib,man,nls}
-
- if multilib_is_native_abi && use doc; then
- dohtml -r doc/html/
- fi
-}
-
-multilib_src_install_all() {
- find "${ED}" -name "*.la" -delete
-
- dodoc AUTHORS BUGS NEWS README THANKS TODO
-}
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-libs/neon/, net-libs/neon/files/
@ 2023-06-03 13:07 Joonas Niilola
0 siblings, 0 replies; 3+ messages in thread
From: Joonas Niilola @ 2023-06-03 13:07 UTC (permalink / raw
To: gentoo-commits
commit: 59879db8e97318941bd2da04d53878cf04c47202
Author: orbea <orbea <AT> riseup <DOT> net>
AuthorDate: Tue May 30 14:18:21 2023 +0000
Commit: Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Sat Jun 3 13:07:10 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=59879db8
net-libs/neon: add upstream patches
This fixes POSIX compliance in the tests and fixes the build with
LibreSSL.
Closes: https://bugs.gentoo.org/832851
Upstream-PR: https://github.com/notroj/neon/pull/115
Upstream-Commit: https://github.com/notroj/neon/commit/e02ead4d990e49c912ef053c46b55713685119ee
Bug: https://bugs.gentoo.org/903001
Upstream-PR: https://github.com/notroj/neon/pull/113
Upstream-Commit: https://github.com/notroj/neon/commit/18e868e4449cd46d494944ced798f9dcd01f65c5
Upstream-PR: https://github.com/notroj/neon/pull/116
Upstream-Commit: https://github.com/notroj/neon/commit/231a1d3f3f427b823753dc2e53adcf9cafda619b
Upstream-PR: https://github.com/notroj/neon/pull/118
Upstream-Commit: https://github.com/notroj/neon/commit/6f98a9c9bdd76fb3d367e3b01bcc45bea574c3d1
Signed-off-by: orbea <orbea <AT> riseup.net>
Closes: https://github.com/gentoo/gentoo/pull/31230
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>
net-libs/neon/files/neon-0.32.4-dash.patch | 43 ++++++++++++++++++
net-libs/neon/files/neon-0.32.4-libressl.patch | 61 ++++++++++++++++++++++++++
net-libs/neon/neon-0.32.4.ebuild | 7 ++-
3 files changed, 110 insertions(+), 1 deletion(-)
diff --git a/net-libs/neon/files/neon-0.32.4-dash.patch b/net-libs/neon/files/neon-0.32.4-dash.patch
new file mode 100644
index 000000000000..cba1660ec62c
--- /dev/null
+++ b/net-libs/neon/files/neon-0.32.4-dash.patch
@@ -0,0 +1,43 @@
+https://bugs.gentoo.org/832851
+https://github.com/notroj/neon/pull/115
+https://github.com/notroj/neon/commit/e02ead4d990e49c912ef053c46b55713685119ee
+
+From e1bcf0e83012e0c1ff81c573d2650e1a4e40d955 Mon Sep 17 00:00:00 2001
+From: orbea <orbea@riseup.net>
+Date: Sat, 6 May 2023 20:50:50 -0700
+Subject: [PATCH 1/2] test/makekeys.sh: fix POSIX compliance
+
+Not all shells provide 'echo -e' and using printf is more portable.
+
+One shell that will fail is dash(1).
+
+ssl................... 10/63 FAIL - dname_readable (certificate subject dname was `-e H\0350llo World, Neon Hackers Ltd, Cambridge, Cambridgeshire, GB' not `Hèllo World, Neon Hackers Ltd, Cambridge, Cambridgeshire, GB'
+
+Gentoo-Issue: https://bugs.gentoo.org/832851
+---
+ test/makekeys.sh | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/test/makekeys.sh b/test/makekeys.sh
+index 88dc7b3..8ee90ae 100755
+--- a/test/makekeys.sh
++++ b/test/makekeys.sh
+@@ -123,15 +123,15 @@ csr_fields "Self-Signed" | \
+ ${MKCERT} -key server.key -out ssigned.pem
+
+ # default => T61String
+-csr_fields "`echo -e 'H\0350llo World'`" localhost |
++csr_fields "$(printf 'H%bllo World\n' '\0350')" localhost |
+ ${REQ} -new -key server.key -out t61subj.csr
+
+ STRMASK=pkix # => BMPString
+-csr_fields "`echo -e 'H\0350llo World'`" localhost |
++csr_fields "$(printf 'H%bllo World\n' '\0350')" localhost |
+ ${REQ} -new -key server.key -out bmpsubj.csr
+
+ STRMASK=utf8only # => UTF8String
+-csr_fields "`echo -e 'H\0350llo World'`" localhost |
++csr_fields "$(printf 'H%bllo World\n' '\0350')" localhost |
+ ${REQ} -new -key server.key -out utf8subj.csr
+
+ STRMASK=default
diff --git a/net-libs/neon/files/neon-0.32.4-libressl.patch b/net-libs/neon/files/neon-0.32.4-libressl.patch
new file mode 100644
index 000000000000..7c69ad6abfd8
--- /dev/null
+++ b/net-libs/neon/files/neon-0.32.4-libressl.patch
@@ -0,0 +1,61 @@
+https://bugs.gentoo.org/903001
+https://github.com/notroj/neon/pull/113
+https://github.com/notroj/neon/commit/18e868e4449cd46d494944ced798f9dcd01f65c5
+https://github.com/notroj/neon/pull/116
+https://github.com/notroj/neon/commit/231a1d3f3f427b823753dc2e53adcf9cafda619b
+https://github.com/notroj/neon/pull/118
+https://github.com/notroj/neon/commit/6f98a9c9bdd76fb3d367e3b01bcc45bea574c3d1
+
+From 233f17b86ebc2cd99d9deede484f4b0be586730f Mon Sep 17 00:00:00 2001
+From: orbea <orbea@riseup.net>
+Date: Mon, 27 Mar 2023 14:58:49 -0700
+Subject: [PATCH] ne_openssl: Fix the build with libressl
+
+* Libressl 3.7 currently doesn't provide EVP_sha512_256().
+* Libressl 3.4 added SSL_CTX_set_post_handshake_auth().
+---
+ src/ne_openssl.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+From 392e1380e1fa07675934ed25e8980ae18d0bccb4 Mon Sep 17 00:00:00 2001
+From: Joe Orton <jorton@redhat.com>
+Date: Tue, 9 May 2023 16:26:55 +0100
+Subject: [PATCH] * src/ne_openssl.c: Fix GCC warning with OpenSSL build.
+
+---
+ src/ne_openssl.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+From 1e9483dbb43e82dde06bc84434c8b7124602adbc Mon Sep 17 00:00:00 2001
+From: orbea <orbea@riseup.net>
+Date: Mon, 29 May 2023 10:07:52 -0700
+Subject: [PATCH] ne_openssl: Update for LibreSSL 3.8.0
+
+EVP_sha512_256() was added in LibreSSL 3.8.0.
+---
+ src/ne_openssl.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/ne_openssl.c b/src/ne_openssl.c
+index d13c25a..bdb73e9 100644
+--- a/src/ne_openssl.c
++++ b/src/ne_openssl.c
+@@ -581,7 +581,7 @@ ne_ssl_context *ne_ssl_context_create(int mode)
+ /* enable workarounds for buggy SSL server implementations */
+ SSL_CTX_set_options(ctx->ctx, SSL_OP_ALL);
+ SSL_CTX_set_verify(ctx->ctx, SSL_VERIFY_PEER, verify_callback);
+-#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10101000L
++#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3040000fL || (!defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10101000L)
+ SSL_CTX_set_post_handshake_auth(ctx->ctx, 1);
+ #endif
+ } else if (mode == NE_SSL_CTX_SERVER) {
+@@ -1122,7 +1122,9 @@ static const EVP_MD *hash_to_md(unsigned int flags)
+ case NE_HASH_SHA256: return EVP_sha256();
+ #ifdef HAVE_OPENSSL11
+ case NE_HASH_SHA512: return EVP_sha512();
++#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x3080000fL
+ case NE_HASH_SHA512_256: return EVP_sha512_256();
++#endif
+ #endif
+ default: break;
+ }
diff --git a/net-libs/neon/neon-0.32.4.ebuild b/net-libs/neon/neon-0.32.4.ebuild
index c350863ad7d9..0f217f0a4475 100644
--- a/net-libs/neon/neon-0.32.4.ebuild
+++ b/net-libs/neon/neon-0.32.4.ebuild
@@ -1,4 +1,4 @@
-# Copyright 2001-2022 Gentoo Authors
+# Copyright 2001-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="8"
@@ -44,6 +44,11 @@ MULTILIB_CHOST_TOOLS=(
DOCS=( AUTHORS BUGS NEWS README.md THANKS TODO )
+PATCHES=(
+ "${FILESDIR}"/${PN}-0.32.4-dash.patch #832851
+ "${FILESDIR}"/${PN}-0.32.4-libressl.patch #903001
+)
+
src_prepare() {
if use gnutls; then
# Ignore failure of test pkcs11.
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-06-03 13:08 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-04-04 19:50 [gentoo-commits] repo/gentoo:master commit in: net-libs/neon/, net-libs/neon/files/ Mike Gilbert
-- strict thread matches above, loose matches on Subject: below --
2023-06-03 13:07 Joonas Niilola
2016-02-17 21:08 Alexis Ballier
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox