diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2018-04-05 15:03:59 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2018-04-06 05:19:29 +0000 |
commit | d296edbee3843ff7756054b5ba48bc0acbd91d94 (patch) | |
tree | 63bb2562baabbd537dd9eb22d6b4b247de82eb69 | |
parent | f32c4a1cf2cd732bd6d2bdc48583aef51c312be8 (diff) | |
download | aports-d296edbee3843ff7756054b5ba48bc0acbd91d94.tar.bz2 aports-d296edbee3843ff7756054b5ba48bc0acbd91d94.tar.xz |
community/stunnel: rebuild against libressl-2.7
-rw-r--r-- | community/stunnel/APKBUILD | 6 | ||||
-rw-r--r-- | community/stunnel/libressl-2.7.patch | 26 | ||||
-rw-r--r-- | community/stunnel/stunnel-libressl.patch | 102 |
3 files changed, 29 insertions, 105 deletions
diff --git a/community/stunnel/APKBUILD b/community/stunnel/APKBUILD index e04752630d..da5f5f8d31 100644 --- a/community/stunnel/APKBUILD +++ b/community/stunnel/APKBUILD @@ -4,7 +4,7 @@ # Maintainer: Jakub Jirutka <jakub@jirutka.cz> pkgname=stunnel pkgver=5.44 -pkgrel=0 +pkgrel=1 pkgdesc="SSL encryption wrapper between network client and server." url="http://www.stunnel.org/" arch="all" @@ -13,7 +13,7 @@ makedepends="libressl-dev" subpackages="$pkgname-doc" install="$pkgname.pre-install" source="http://www.stunnel.org/downloads/archive/${pkgver%.*}.x/stunnel-$pkgver.tar.gz - stunnel-libressl.patch + libressl-2.7.patch stunnel.initd stunnel.conf" builddir="$srcdir/$pkgname-$pkgver" @@ -50,6 +50,6 @@ package() { } sha512sums="a1aa4f234926208bf1b2c9acc0bf83dc0f2c8f575bc57f5ce89b32b4e3fde0412ea0ef7c2edb364fbe0b52fdd89773fab4df53950c58797c11b7668f3e4e7638 stunnel-5.44.tar.gz -63d24daa59fb7416929915a8d17f8dda21f1702f5a2f11cb45d6ac0d91478fa892805b209fa7e181ec5910b1c5cad8c06d11c05d15868f7f7da46d87a05a5820 stunnel-libressl.patch +f0174128a6c145f22b1fc7aaa23817eadae43105422b9638335409ad1491996bfc0c8c102a514593b0bcf0f06c0503fda1e4f92b0ea2a0a66bfe1b0f48071ec6 libressl-2.7.patch 33e215413e08fdd5783cc76e6ba6a2342fb6d0573f801815c4d3022625e71be6c9739d47a7a61bf7c803f27911b9c92cf6ae3e522add040f83802e1aaeaee000 stunnel.initd a72bfddeb74787d58c9fd24782d86c0498ce3530a43fbdd4ec4c4b57baa6257b6ef21005aca274b22c4a22cdbbbcee63dd3d841f458af248db9c69e8d59fa56f stunnel.conf" diff --git a/community/stunnel/libressl-2.7.patch b/community/stunnel/libressl-2.7.patch new file mode 100644 index 0000000000..7287c49370 --- /dev/null +++ b/community/stunnel/libressl-2.7.patch @@ -0,0 +1,26 @@ +diff --git a/src/ctx.c b/src/ctx.c +index b54fdbd..ef9aca1 100644 +--- a/src/ctx.c ++++ b/src/ctx.c +@@ -398,7 +398,7 @@ NOEXPORT int ecdh_init(SERVICE_OPTIONS *section) { + /**************************************** initialize OpenSSL CONF */ + + NOEXPORT int conf_init(SERVICE_OPTIONS *section) { +-#if OPENSSL_VERSION_NUMBER>=0x10002000L ++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) + SSL_CONF_CTX *cctx; + NAME_LIST *curr; + char *cmd, *param; +diff --git a/src/verify.c b/src/verify.c +index f9b9105..3b61b79 100644 +--- a/src/verify.c ++++ b/src/verify.c +@@ -353,7 +353,7 @@ NOEXPORT int cert_check_local(X509_STORE_CTX *callback_ctx) { + cert=X509_STORE_CTX_get_current_cert(callback_ctx); + subject=X509_get_subject_name(cert); + +-#if OPENSSL_VERSION_NUMBER<0x10100006L ++#if OPENSSL_VERSION_NUMBER<0x10100006L || defined(LIBRESSL_VERSION_NUMBER) + #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs + #endif + /* modern API allows retrieving multiple matching certificates */ diff --git a/community/stunnel/stunnel-libressl.patch b/community/stunnel/stunnel-libressl.patch deleted file mode 100644 index 84dc83e3c3..0000000000 --- a/community/stunnel/stunnel-libressl.patch +++ /dev/null @@ -1,102 +0,0 @@ -$OpenBSD: patch-src_common_h,v 1.1 2016/11/09 23:14:31 gsoares Exp $ ---- a/src/common.h.orig Mon Jun 27 04:29:32 2016 -+++ b/src/common.h Thu Nov 3 23:57:29 2016 -@@ -448,7 +448,7 @@ extern char *sys_errlist[]; - #define OPENSSL_NO_TLS1_2 - #endif /* OpenSSL older than 1.0.1 || defined(OPENSSL_NO_TLS1) */ - --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - #ifndef OPENSSL_NO_SSL2 - #define OPENSSL_NO_SSL2 - #endif /* !defined(OPENSSL_NO_SSL2) */ -@@ -474,7 +474,7 @@ extern char *sys_errlist[]; - #include <openssl/des.h> - #ifndef OPENSSL_NO_DH - #include <openssl/dh.h> --#if OPENSSL_VERSION_NUMBER<0x10100000L -+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); - #endif /* OpenSSL older than 1.1.0 */ - #endif /* !defined(OPENSSL_NO_DH) */ -$OpenBSD: patch-src_ctx_c,v 1.5 2017/09/12 16:15:24 gsoares Exp $ -Index: src/ctx.c ---- a/src/ctx.c.orig -+++ b/src/ctx.c -@@ -295,7 +295,7 @@ NOEXPORT int matches_wildcard(char *servername, char * - - #ifndef OPENSSL_NO_DH - --#if OPENSSL_VERSION_NUMBER<0x10100000L -+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx) { - return ctx->cipher_list; - } -@@ -398,7 +398,7 @@ NOEXPORT int ecdh_init(SERVICE_OPTIONS *section) { - /**************************************** initialize OpenSSL CONF */ - - NOEXPORT int conf_init(SERVICE_OPTIONS *section) { --#if OPENSSL_VERSION_NUMBER>=0x10002000L -+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) - SSL_CONF_CTX *cctx; - NAME_LIST *curr; - char *cmd, *param; -$OpenBSD: patch-src_ssl_c,v 1.6 2017/09/12 16:15:24 gsoares Exp $ -Index: src/ssl.c ---- a/src/ssl.c.orig -+++ b/src/ssl.c -@@ -51,7 +51,7 @@ int index_ssl_cli, index_ssl_ctx_opt; - int index_session_authenticated, index_session_connect_address; - - int ssl_init(void) { /* init TLS before parsing configuration file */ --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | - OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); - #else -@@ -86,7 +86,7 @@ int ssl_init(void) { /* init TLS before parsing config - } - - #ifndef OPENSSL_NO_DH --#if OPENSSL_VERSION_NUMBER<0x10100000L -+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - /* this is needed for dhparam.c generated with OpenSSL >= 1.1.0 - * to be linked against the older versions */ - int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) { -$OpenBSD: patch-src_sthreads_c,v 1.3 2017/09/12 16:15:24 gsoares Exp $ -Index: src/sthreads.c ---- a/src/sthreads.c.orig -+++ b/src/sthreads.c -@@ -216,7 +216,7 @@ void stunnel_rwlock_destroy_debug(struct CRYPTO_dynloc - - struct CRYPTO_dynlock_value stunnel_locks[STUNNEL_LOCKS]; - --#if OPENSSL_VERSION_NUMBER<0x10100004L -+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER) - #define CRYPTO_THREAD_lock_new() CRYPTO_get_new_dynlockid() - #endif - -$OpenBSD: patch-src_verify_c,v 1.6 2017/09/12 16:15:24 gsoares Exp $ -Index: src/verify.c ---- a/src/verify.c.orig -+++ b/src/verify.c -@@ -353,7 +353,7 @@ NOEXPORT int cert_check_local(X509_STORE_CTX *callback - cert=X509_STORE_CTX_get_current_cert(callback_ctx); - subject=X509_get_subject_name(cert); - --#if OPENSSL_VERSION_NUMBER<0x10100006L -+#if OPENSSL_VERSION_NUMBER<0x10100006L || defined(LIBRESSL_VERSION_NUMBER) - #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs - #endif - /* modern API allows retrieving multiple matching certificates */ ---- a/src/options.c -+++ b/src/options.c -@@ -3656,7 +3656,7 @@ - } - #endif - /* engines can add new algorithms */ --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS| - OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); - #else |