From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id C01AF1382C5 for ; Wed, 18 Apr 2018 21:42:34 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 10E36E0898; Wed, 18 Apr 2018 21:42:34 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id C89E8E0898 for ; Wed, 18 Apr 2018 21:42:33 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id EBB54335C60 for ; Wed, 18 Apr 2018 21:42:30 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id D35B3270 for ; Wed, 18 Apr 2018 21:42:28 +0000 (UTC) From: "Aaron Bauman" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Aaron Bauman" Message-ID: <1524087738.850b3f95dcf1417854d77e26303c0ed0ce519e9f.bman@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/curl/, net-misc/curl/files/ X-VCS-Repository: repo/gentoo X-VCS-Files: net-misc/curl/curl-7.59.0.ebuild net-misc/curl/files/curl-7.59.0-libressl-compatibility.patch X-VCS-Directories: net-misc/curl/ net-misc/curl/files/ X-VCS-Committer: bman X-VCS-Committer-Name: Aaron Bauman X-VCS-Revision: 850b3f95dcf1417854d77e26303c0ed0ce519e9f X-VCS-Branch: master Date: Wed, 18 Apr 2018 21:42:28 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 14c851fa-39b5-46ef-9821-166124afff33 X-Archives-Hash: dd28cfb42a777e6d93fde9ed688b9f8c commit: 850b3f95dcf1417854d77e26303c0ed0ce519e9f Author: Aaron Bauman gentoo org> AuthorDate: Wed Apr 18 21:41:30 2018 +0000 Commit: Aaron Bauman gentoo org> CommitDate: Wed Apr 18 21:42:18 2018 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=850b3f95 net-misc/curl: compatibility patch for LibreSSL This patch fixes building with dev-libs/libressl-2.7.x. Patch was pulled from upstream Git and should be included in the next 7.60.0 release. Closes: https://bugs.gentoo.org/651172 Package-Manager: Portage-2.3.29, Repoman-2.3.9 net-misc/curl/curl-7.59.0.ebuild | 2 + .../files/curl-7.59.0-libressl-compatibility.patch | 70 ++++++++++++++++++++++ 2 files changed, 72 insertions(+) diff --git a/net-misc/curl/curl-7.59.0.ebuild b/net-misc/curl/curl-7.59.0.ebuild index 2240efbd3a8..87d83904d5d 100644 --- a/net-misc/curl/curl-7.59.0.ebuild +++ b/net-misc/curl/curl-7.59.0.ebuild @@ -108,6 +108,8 @@ src_prepare() { eapply "${FILESDIR}"/${PN}-7.30.0-prefix.patch eapply "${FILESDIR}"/${PN}-respect-cflags-3.patch eapply "${FILESDIR}"/${PN}-fix-gnutls-nettle.patch + # the next curl release (7.60.0) *should* contain this patch as it is in Git head and 7.60.0 has been tagged + eapply "${FILESDIR}"/${PN}-7.59.0-libressl-compatibility.patch sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241 diff --git a/net-misc/curl/files/curl-7.59.0-libressl-compatibility.patch b/net-misc/curl/files/curl-7.59.0-libressl-compatibility.patch new file mode 100644 index 00000000000..e7ee6c3ab15 --- /dev/null +++ b/net-misc/curl/files/curl-7.59.0-libressl-compatibility.patch @@ -0,0 +1,70 @@ +From da51ddee81e10398172f0baf3327b5db82846175 Mon Sep 17 00:00:00 2001 +From: Bernard Spil +Date: Mon, 2 Apr 2018 19:04:06 +0200 +Subject: [PATCH] openssl: fix build with LibreSSL 2.7 + + - LibreSSL 2.7 implements (most of) OpenSSL 1.1 API + +Fixes #2319 +Closes #2447 +Closes #2448 + +Signed-off-by: Bernard Spil +--- + lib/vtls/openssl.c | 15 +++++++++------ + 1 file changed, 9 insertions(+), 6 deletions(-) + +diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c +index 2a6b3cfac..bbb8ec766 100644 +--- a/lib/vtls/openssl.c ++++ b/lib/vtls/openssl.c +@@ -104,7 +104,8 @@ + #endif + + #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && /* OpenSSL 1.1.0+ */ \ +- !defined(LIBRESSL_VERSION_NUMBER) ++ !(defined(LIBRESSL_VERSION_NUMBER) && \ ++ LIBRESSL_VERSION_NUMBER < 0x20700000L) + #define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER + #define HAVE_X509_GET0_EXTENSIONS 1 /* added in 1.1.0 -pre1 */ + #define HAVE_OPAQUE_EVP_PKEY 1 /* since 1.1.0 -pre3 */ +@@ -128,7 +129,8 @@ static unsigned long OpenSSL_version_num(void) + #endif + + #if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) && /* 1.0.2 or later */ \ +- !defined(LIBRESSL_VERSION_NUMBER) ++ !(defined(LIBRESSL_VERSION_NUMBER) && \ ++ LIBRESSL_VERSION_NUMBER < 0x20700000L) + #define HAVE_X509_GET0_SIGNATURE 1 + #endif + +@@ -147,7 +149,7 @@ static unsigned long OpenSSL_version_num(void) + * Whether SSL_CTX_set_keylog_callback is available. + * OpenSSL: supported since 1.1.1 https://github.com/openssl/openssl/pull/2287 + * BoringSSL: supported since d28f59c27bac (committed 2015-11-19) +- * LibreSSL: unsupported in at least 2.5.1 (explicitly check for it since it ++ * LibreSSL: unsupported in at least 2.7.2 (explicitly check for it since it + * lies and pretends to be OpenSSL 2.0.0). + */ + #if (OPENSSL_VERSION_NUMBER >= 0x10101000L && \ +@@ -259,7 +261,9 @@ static void tap_ssl_key(const SSL *ssl, ssl_tap_state_t *state) + if(!session || !keylog_file_fp) + return; + +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \ ++ !(defined(LIBRESSL_VERSION_NUMBER) && \ ++ LIBRESSL_VERSION_NUMBER < 0x20700000L) + /* ssl->s3 is not checked in openssl 1.1.0-pre6, but let's assume that + * we have a valid SSL context if we have a non-NULL session. */ + SSL_get_client_random(ssl, client_random, SSL3_RANDOM_SIZE); +@@ -2082,8 +2086,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) + case CURL_SSLVERSION_TLSv1_2: + case CURL_SSLVERSION_TLSv1_3: + /* it will be handled later with the context options */ +-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \ +- !defined(LIBRESSL_VERSION_NUMBER) ++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) + req_method = TLS_client_method(); + #else + req_method = SSLv23_client_method();