aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2018-04-05 15:03:59 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2018-04-06 05:19:29 +0000
commitd296edbee3843ff7756054b5ba48bc0acbd91d94 (patch)
tree63bb2562baabbd537dd9eb22d6b4b247de82eb69
parentf32c4a1cf2cd732bd6d2bdc48583aef51c312be8 (diff)
downloadaports-d296edbee3843ff7756054b5ba48bc0acbd91d94.tar.bz2
aports-d296edbee3843ff7756054b5ba48bc0acbd91d94.tar.xz
community/stunnel: rebuild against libressl-2.7
-rw-r--r--community/stunnel/APKBUILD6
-rw-r--r--community/stunnel/libressl-2.7.patch26
-rw-r--r--community/stunnel/stunnel-libressl.patch102
3 files changed, 29 insertions, 105 deletions
diff --git a/community/stunnel/APKBUILD b/community/stunnel/APKBUILD
index e04752630d..da5f5f8d31 100644
--- a/community/stunnel/APKBUILD
+++ b/community/stunnel/APKBUILD
@@ -4,7 +4,7 @@
# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
pkgname=stunnel
pkgver=5.44
-pkgrel=0
+pkgrel=1
pkgdesc="SSL encryption wrapper between network client and server."
url="http://www.stunnel.org/"
arch="all"
@@ -13,7 +13,7 @@ makedepends="libressl-dev"
subpackages="$pkgname-doc"
install="$pkgname.pre-install"
source="http://www.stunnel.org/downloads/archive/${pkgver%.*}.x/stunnel-$pkgver.tar.gz
- stunnel-libressl.patch
+ libressl-2.7.patch
stunnel.initd
stunnel.conf"
builddir="$srcdir/$pkgname-$pkgver"
@@ -50,6 +50,6 @@ package() {
}
sha512sums="a1aa4f234926208bf1b2c9acc0bf83dc0f2c8f575bc57f5ce89b32b4e3fde0412ea0ef7c2edb364fbe0b52fdd89773fab4df53950c58797c11b7668f3e4e7638 stunnel-5.44.tar.gz
-63d24daa59fb7416929915a8d17f8dda21f1702f5a2f11cb45d6ac0d91478fa892805b209fa7e181ec5910b1c5cad8c06d11c05d15868f7f7da46d87a05a5820 stunnel-libressl.patch
+f0174128a6c145f22b1fc7aaa23817eadae43105422b9638335409ad1491996bfc0c8c102a514593b0bcf0f06c0503fda1e4f92b0ea2a0a66bfe1b0f48071ec6 libressl-2.7.patch
33e215413e08fdd5783cc76e6ba6a2342fb6d0573f801815c4d3022625e71be6c9739d47a7a61bf7c803f27911b9c92cf6ae3e522add040f83802e1aaeaee000 stunnel.initd
a72bfddeb74787d58c9fd24782d86c0498ce3530a43fbdd4ec4c4b57baa6257b6ef21005aca274b22c4a22cdbbbcee63dd3d841f458af248db9c69e8d59fa56f stunnel.conf"
diff --git a/community/stunnel/libressl-2.7.patch b/community/stunnel/libressl-2.7.patch
new file mode 100644
index 0000000000..7287c49370
--- /dev/null
+++ b/community/stunnel/libressl-2.7.patch
@@ -0,0 +1,26 @@
+diff --git a/src/ctx.c b/src/ctx.c
+index b54fdbd..ef9aca1 100644
+--- a/src/ctx.c
++++ b/src/ctx.c
+@@ -398,7 +398,7 @@ NOEXPORT int ecdh_init(SERVICE_OPTIONS *section) {
+ /**************************************** initialize OpenSSL CONF */
+
+ NOEXPORT int conf_init(SERVICE_OPTIONS *section) {
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ SSL_CONF_CTX *cctx;
+ NAME_LIST *curr;
+ char *cmd, *param;
+diff --git a/src/verify.c b/src/verify.c
+index f9b9105..3b61b79 100644
+--- a/src/verify.c
++++ b/src/verify.c
+@@ -353,7 +353,7 @@ NOEXPORT int cert_check_local(X509_STORE_CTX *callback_ctx) {
+ cert=X509_STORE_CTX_get_current_cert(callback_ctx);
+ subject=X509_get_subject_name(cert);
+
+-#if OPENSSL_VERSION_NUMBER<0x10100006L
++#if OPENSSL_VERSION_NUMBER<0x10100006L || defined(LIBRESSL_VERSION_NUMBER)
+ #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs
+ #endif
+ /* modern API allows retrieving multiple matching certificates */
diff --git a/community/stunnel/stunnel-libressl.patch b/community/stunnel/stunnel-libressl.patch
deleted file mode 100644
index 84dc83e3c3..0000000000
--- a/community/stunnel/stunnel-libressl.patch
+++ /dev/null
@@ -1,102 +0,0 @@
-$OpenBSD: patch-src_common_h,v 1.1 2016/11/09 23:14:31 gsoares Exp $
---- a/src/common.h.orig Mon Jun 27 04:29:32 2016
-+++ b/src/common.h Thu Nov 3 23:57:29 2016
-@@ -448,7 +448,7 @@ extern char *sys_errlist[];
- #define OPENSSL_NO_TLS1_2
- #endif /* OpenSSL older than 1.0.1 || defined(OPENSSL_NO_TLS1) */
-
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- #ifndef OPENSSL_NO_SSL2
- #define OPENSSL_NO_SSL2
- #endif /* !defined(OPENSSL_NO_SSL2) */
-@@ -474,7 +474,7 @@ extern char *sys_errlist[];
- #include <openssl/des.h>
- #ifndef OPENSSL_NO_DH
- #include <openssl/dh.h>
--#if OPENSSL_VERSION_NUMBER<0x10100000L
-+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
- #endif /* OpenSSL older than 1.1.0 */
- #endif /* !defined(OPENSSL_NO_DH) */
-$OpenBSD: patch-src_ctx_c,v 1.5 2017/09/12 16:15:24 gsoares Exp $
-Index: src/ctx.c
---- a/src/ctx.c.orig
-+++ b/src/ctx.c
-@@ -295,7 +295,7 @@ NOEXPORT int matches_wildcard(char *servername, char *
-
- #ifndef OPENSSL_NO_DH
-
--#if OPENSSL_VERSION_NUMBER<0x10100000L
-+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx) {
- return ctx->cipher_list;
- }
-@@ -398,7 +398,7 @@ NOEXPORT int ecdh_init(SERVICE_OPTIONS *section) {
- /**************************************** initialize OpenSSL CONF */
-
- NOEXPORT int conf_init(SERVICE_OPTIONS *section) {
--#if OPENSSL_VERSION_NUMBER>=0x10002000L
-+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
- SSL_CONF_CTX *cctx;
- NAME_LIST *curr;
- char *cmd, *param;
-$OpenBSD: patch-src_ssl_c,v 1.6 2017/09/12 16:15:24 gsoares Exp $
-Index: src/ssl.c
---- a/src/ssl.c.orig
-+++ b/src/ssl.c
-@@ -51,7 +51,7 @@ int index_ssl_cli, index_ssl_ctx_opt;
- int index_session_authenticated, index_session_connect_address;
-
- int ssl_init(void) { /* init TLS before parsing configuration file */
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS |
- OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
- #else
-@@ -86,7 +86,7 @@ int ssl_init(void) { /* init TLS before parsing config
- }
-
- #ifndef OPENSSL_NO_DH
--#if OPENSSL_VERSION_NUMBER<0x10100000L
-+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- /* this is needed for dhparam.c generated with OpenSSL >= 1.1.0
- * to be linked against the older versions */
- int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
-$OpenBSD: patch-src_sthreads_c,v 1.3 2017/09/12 16:15:24 gsoares Exp $
-Index: src/sthreads.c
---- a/src/sthreads.c.orig
-+++ b/src/sthreads.c
-@@ -216,7 +216,7 @@ void stunnel_rwlock_destroy_debug(struct CRYPTO_dynloc
-
- struct CRYPTO_dynlock_value stunnel_locks[STUNNEL_LOCKS];
-
--#if OPENSSL_VERSION_NUMBER<0x10100004L
-+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
- #define CRYPTO_THREAD_lock_new() CRYPTO_get_new_dynlockid()
- #endif
-
-$OpenBSD: patch-src_verify_c,v 1.6 2017/09/12 16:15:24 gsoares Exp $
-Index: src/verify.c
---- a/src/verify.c.orig
-+++ b/src/verify.c
-@@ -353,7 +353,7 @@ NOEXPORT int cert_check_local(X509_STORE_CTX *callback
- cert=X509_STORE_CTX_get_current_cert(callback_ctx);
- subject=X509_get_subject_name(cert);
-
--#if OPENSSL_VERSION_NUMBER<0x10100006L
-+#if OPENSSL_VERSION_NUMBER<0x10100006L || defined(LIBRESSL_VERSION_NUMBER)
- #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs
- #endif
- /* modern API allows retrieving multiple matching certificates */
---- a/src/options.c
-+++ b/src/options.c
-@@ -3656,7 +3656,7 @@
- }
- #endif
- /* engines can add new algorithms */
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS|
- OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
- #else