Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-misc/stunnel
diff options
context:
space:
mode:
authorAnthony G. Basile <blueness@gentoo.org>2017-01-28 08:22:36 -0500
committerAnthony G. Basile <blueness@gentoo.org>2017-01-28 08:22:36 -0500
commited175c5284d66d77c891808de3239f187ee636f4 (patch)
treede1fd54dabe70d7c170ac4aaae2bd4149086aab7 /net-misc/stunnel
parentapp-text/ghostscript-gpl: Fix SRC_URL (diff)
downloadgentoo-ed175c5284d66d77c891808de3239f187ee636f4.tar.gz
gentoo-ed175c5284d66d77c891808de3239f187ee636f4.tar.bz2
gentoo-ed175c5284d66d77c891808de3239f187ee636f4.zip
net-misc/stunnel: fix build on libressl, bug #584298
Package-Manager: portage-2.3.3
Diffstat (limited to 'net-misc/stunnel')
-rw-r--r--net-misc/stunnel/files/stunnel-5.39-compat-libressl.patch132
-rw-r--r--net-misc/stunnel/stunnel-5.39.ebuild2
2 files changed, 133 insertions, 1 deletions
diff --git a/net-misc/stunnel/files/stunnel-5.39-compat-libressl.patch b/net-misc/stunnel/files/stunnel-5.39-compat-libressl.patch
new file mode 100644
index 000000000000..7c4f74351838
--- /dev/null
+++ b/net-misc/stunnel/files/stunnel-5.39-compat-libressl.patch
@@ -0,0 +1,132 @@
+diff -Naur stunnel-5.30.orig/src/ctx.c stunnel-5.30/src/ctx.c
+--- stunnel-5.30.orig/src/ctx.c 2016-01-15 16:45:23.000000000 +0000
++++ stunnel-5.30/src/ctx.c 2016-05-14 15:16:47.392859450 +0000
+@@ -359,7 +359,7 @@
+ /**************************************** initialize OpenSSL CONF */
+
+ NOEXPORT int conf_init(SERVICE_OPTIONS *section) {
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ SSL_CONF_CTX *cctx;
+ NAME_LIST *curr;
+ char *cmd, *param;
+diff -Naur stunnel-5.30.orig/src/verify.c stunnel-5.30/src/verify.c
+--- stunnel-5.30.orig/src/verify.c 2016-01-15 16:45:23.000000000 +0000
++++ stunnel-5.30/src/verify.c 2016-05-14 15:16:10.369860180 +0000
+@@ -51,7 +51,7 @@
+ NOEXPORT int verify_callback(int, X509_STORE_CTX *);
+ NOEXPORT int verify_checks(CLI *, int, X509_STORE_CTX *);
+ NOEXPORT int cert_check(CLI *, X509_STORE_CTX *, int);
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ NOEXPORT int cert_check_subject(CLI *, X509_STORE_CTX *);
+ #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
+ NOEXPORT int cert_check_local(X509_STORE_CTX *);
+@@ -280,7 +280,7 @@
+ }
+
+ if(depth==0) { /* additional peer certificate checks */
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ if(!cert_check_subject(c, callback_ctx))
+ return 0; /* reject */
+ #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
+@@ -291,7 +291,7 @@
+ return 1; /* accept */
+ }
+
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ NOEXPORT int cert_check_subject(CLI *c, X509_STORE_CTX *callback_ctx) {
+ X509 *cert=X509_STORE_CTX_get_current_cert(callback_ctx);
+ NAME_LIST *ptr;
+diff --git a/src/common.h b/src/common.h
+index 93f165e..491d9de 100644
+--- a/src/common.h
++++ b/src/common.h
+@@ -448,7 +448,7 @@ extern char *sys_errlist[];
+ #define OPENSSL_NO_TLS1_2
+ #endif /* OpenSSL older than 1.0.1 || defined(OPENSSL_NO_TLS1) */
+
+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ #ifndef OPENSSL_NO_SSL2
+ #define OPENSSL_NO_SSL2
+ #endif /* !defined(OPENSSL_NO_SSL2) */
+@@ -474,7 +474,7 @@ extern char *sys_errlist[];
+ #include <openssl/des.h>
+ #ifndef OPENSSL_NO_DH
+ #include <openssl/dh.h>
+-#if OPENSSL_VERSION_NUMBER<0x10100000L
++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ #endif /* OpenSSL older than 1.1.0 */
+ #endif /* !defined(OPENSSL_NO_DH) */
+diff --git a/src/prototypes.h b/src/prototypes.h
+index 303ff77..ae22598 100644
+--- a/src/prototypes.h
++++ b/src/prototypes.h
+@@ -664,13 +664,13 @@ typedef enum {
+ #endif /* OPENSSL_NO_DH */
+ STUNNEL_LOCKS /* number of locks */
+ } LOCK_TYPE;
+-#if OPENSSL_VERSION_NUMBER < 0x10100004L
++#if OPENSSL_VERSION_NUMBER < 0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
+ typedef int STUNNEL_RWLOCK;
+ #else
+ typedef CRYPTO_RWLOCK *STUNNEL_RWLOCK;
+ #endif
+ extern STUNNEL_RWLOCK stunnel_locks[STUNNEL_LOCKS];
+-#if OPENSSL_VERSION_NUMBER>=0x10100004L
++#if OPENSSL_VERSION_NUMBER>=0x10100004L && !defined(LIBRESSL_VERSION_NUMBER)
+ #define CRYPTO_THREAD_read_unlock(type) CRYPTO_THREAD_unlock(type)
+ #define CRYPTO_THREAD_write_unlock(type) CRYPTO_THREAD_unlock(type)
+ #else
+diff --git a/src/ssl.c b/src/ssl.c
+index a7af7e6..1483734 100644
+--- a/src/ssl.c
++++ b/src/ssl.c
+@@ -50,7 +50,7 @@ NOEXPORT int add_rand_file(GLOBAL_OPTIONS *, const char *);
+ int index_cli, index_opt, index_redirect, index_addr;
+
+ int ssl_init(void) { /* init TLS before parsing configuration file */
+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS |
+ OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
+ #else
+@@ -83,7 +83,7 @@ int ssl_init(void) { /* init TLS before parsing configuration file */
+ }
+
+ #ifndef OPENSSL_NO_DH
+-#if OPENSSL_VERSION_NUMBER<0x10100000L
++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ /* this is needed for dhparam.c generated with OpenSSL >= 1.1.0
+ * to be linked against the older versions */
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
+diff --git a/src/sthreads.c b/src/sthreads.c
+index 59c24a2..04fb256 100644
+--- a/src/sthreads.c
++++ b/src/sthreads.c
+@@ -47,7 +47,7 @@
+ STUNNEL_RWLOCK stunnel_locks[STUNNEL_LOCKS];
+ #endif
+
+-#if OPENSSL_VERSION_NUMBER<0x10100004L
++#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
+ #define CRYPTO_THREAD_lock_new() CRYPTO_get_new_dynlockid()
+ #endif
+
+diff --git a/src/verify.c b/src/verify.c
+index ac1c3ee..3e3bda4 100644
+--- a/src/verify.c
++++ b/src/verify.c
+@@ -348,7 +348,7 @@ NOEXPORT int cert_check_local(X509_STORE_CTX *callback_ctx) {
+ cert=X509_STORE_CTX_get_current_cert(callback_ctx);
+ subject=X509_get_subject_name(cert);
+
+-#if OPENSSL_VERSION_NUMBER>=0x10000000L
++#if OPENSSL_VERSION_NUMBER>=0x10000000L && !defined(LIBRESSL_VERSION_NUMBER)
+ #if OPENSSL_VERSION_NUMBER<0x10100006L
+ #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs
+ #endif
diff --git a/net-misc/stunnel/stunnel-5.39.ebuild b/net-misc/stunnel/stunnel-5.39.ebuild
index 4275ec961d78..b1e4715aa9fb 100644
--- a/net-misc/stunnel/stunnel-5.39.ebuild
+++ b/net-misc/stunnel/stunnel-5.39.ebuild
@@ -41,7 +41,7 @@ src_prepare() {
tools/Makefile.in || die "sed failed"
# libressl compat
- eapply "${FILESDIR}"/stunnel-compat-libressl.patch
+ eapply "${FILESDIR}"/${P}-compat-libressl.patch
echo "CONFIG_PROTECT=\"/etc/stunnel/stunnel.conf\"" > "${T}"/20stunnel