diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2018-10-29 18:52:46 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2018-11-07 16:46:10 +0000 |
| commit | 8393b73b18f6a5e3467309151594252de23ce832 (patch) | |
| tree | b807f9b4c37b55cfe1445e13d3d41ca7f401a596 | |
| parent | ae0018d343a878abee05ae8e145ebbc97c797974 (diff) | |
| download | aports-8393b73b18f6a5e3467309151594252de23ce832.tar.bz2 aports-8393b73b18f6a5e3467309151594252de23ce832.tar.xz | |
main/strongswan: rebuild against openssl 1.1
| -rw-r--r-- | main/strongswan/APKBUILD | 6 | ||||
| -rw-r--r-- | main/strongswan/libressl-fix.patch | 56 |
2 files changed, 2 insertions, 60 deletions
diff --git a/main/strongswan/APKBUILD b/main/strongswan/APKBUILD index 25bed28a65..65e2c13289 100644 --- a/main/strongswan/APKBUILD +++ b/main/strongswan/APKBUILD @@ -3,7 +3,7 @@ pkgname=strongswan pkgver=5.7.1 _pkgver=${pkgver//_rc/rc} -pkgrel=0 +pkgrel=1 pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE" url="https://www.strongswan.org/" arch="all" @@ -12,7 +12,7 @@ pkggroups="ipsec" license="GPL-2.0 RSA-MD5 RSA-PKCS11 DES" depends="iproute2" depends_dev="" -makedepends="$depends_dev linux-headers python2 sqlite-dev libressl-dev curl-dev +makedepends="$depends_dev linux-headers python2 sqlite-dev openssl-dev curl-dev gmp-dev libcap-dev" install="$pkgname.pre-install" subpackages="$pkgname-doc $pkgname-dbg" @@ -21,7 +21,6 @@ source="https://download.strongswan.org/$pkgname-$_pkgver.tar.bz2 1001-charon-add-optional-source-and-remote-overrides-for-.patch 1002-vici-send-certificates-for-ike-sa-events.patch 1003-vici-add-support-for-individual-sa-state-changes.patch - libressl-fix.patch strongswan.initd charon.initd @@ -129,6 +128,5 @@ sha512sums="43102814434bee7c27a5956be59099cc4ffb9bb5b0d6382ce4c6a80d1d82ed6639f6 21db8f153f535ef13cc7c9c011f9b90b8c794e0072bd93fda6a0a56dc00d32d04e186b1a72a87a85613b7e511eed5cb96623abf0721c67dd5c96446db969a185 1001-charon-add-optional-source-and-remote-overrides-for-.patch f7d98fb99b4855e8bfbb7369292c170536b1987e717feeda71f64ab71b35538e7d462609a773c6a6ed08c8e6ee7a186df12e1ea7d64b9dac0b17d4c7af17dab3 1002-vici-send-certificates-for-ike-sa-events.patch a4235cd07e17ad3441dc391ded11ee9f4debdffa1e8218809731e73a545ca6fcdc0bb87239d41b1102b0b6719a4d31d43758972d2193ebe298b275285de2ce54 1003-vici-add-support-for-individual-sa-state-changes.patch -7e3164bf49c583d1908644e9dc8aee57e17021265ae8a0c8d44b6e6798b8af270a66708eeee05600c8d6a0dd3bd8ab6cf5d7b238464acab68bd7a668e8a4e379 libressl-fix.patch 8b61e3ffbb39b837733e602ec329e626dc519bf7308d3d4192b497d18f38176789d23ef5afec51f8463ee1ddaf4d74546b965c03184132e217cbc27017e886c9 strongswan.initd 81a4a011c933289562ee53b4ff14c5180f2a1198aab517fa0e9e2b66c3deac0d6a26f2cfdbadd070ec518de19b6c56df10122c724d205bca5d4c96478081fa00 charon.initd" diff --git a/main/strongswan/libressl-fix.patch b/main/strongswan/libressl-fix.patch deleted file mode 100644 index a7074e0d92..0000000000 --- a/main/strongswan/libressl-fix.patch +++ /dev/null @@ -1,56 +0,0 @@ ---- strongswan-5.6.3/src/libstrongswan/plugins/openssl/openssl_crl.c -+++ strongswan-5.6.3.libressl/src/libstrongswan/plugins/openssl/openssl_crl.c -@@ -320,12 +320,7 @@ - return FALSE; - } - } -- /* i2d_re_X509_CRL_tbs() was added with 1.1.0 when X509_CRL became opaque */ --#if OPENSSL_VERSION_NUMBER >= 0x10100000L -- tbs = openssl_i2chunk(re_X509_CRL_tbs, this->crl); --#else - tbs = openssl_i2chunk(X509_CRL_INFO, this->crl->crl); --#endif - X509_CRL_get0_signature(this->crl, &sig, NULL); - valid = key->verify(key, this->scheme->scheme, this->scheme->params, tbs, - openssl_asn1_str2chunk(sig)); ---- strongswan-5.6.3/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c -+++ strongswan-5.6.3.libressl/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c -@@ -39,8 +39,8 @@ - OPENSSL_KEY_FALLBACK(RSA, key, n, e, d) - OPENSSL_KEY_FALLBACK(RSA, factors, p, q) - OPENSSL_KEY_FALLBACK(RSA, crt_params, dmp1, dmq1, iqmp) --#define BN_secure_new() BN_new() - #endif -+#define BN_secure_new() BN_new() - - typedef struct private_openssl_rsa_private_key_t private_openssl_rsa_private_key_t; - ---- strongswan-5.6.3/src/libstrongswan/plugins/openssl/openssl_util.c -+++ strongswan-5.6.3.libressl/src/libstrongswan/plugins/openssl/openssl_util.c -@@ -22,11 +22,8 @@ - #include <openssl/evp.h> - #include <openssl/x509.h> - --/* these were added with 1.1.0 when ASN1_OBJECT was made opaque */ --#if OPENSSL_VERSION_NUMBER < 0x10100000L - #define OBJ_get0_data(o) ((o)->data) - #define OBJ_length(o) ((o)->length) --#endif - - /** - * Described in header. ---- strongswan-5.6.3/src/libstrongswan/plugins/openssl/openssl_x509.c -+++ strongswan-5.6.3.libressl/src/libstrongswan/plugins/openssl/openssl_x509.c -@@ -420,12 +420,7 @@ - { - return FALSE; - } -- /* i2d_re_X509_tbs() was added with 1.1.0 when X509 was made opaque */ --#if OPENSSL_VERSION_NUMBER >= 0x10100000L -- tbs = openssl_i2chunk(re_X509_tbs, this->x509); --#else - tbs = openssl_i2chunk(X509_CINF, this->x509->cert_info); --#endif - X509_get0_signature(&sig, NULL, this->x509); - valid = key->verify(key, this->scheme->scheme, this->scheme->params, tbs, - openssl_asn1_str2chunk(sig)); |