community/perl-crypt-openssl-verifyx509: move from testing

1 files changed, 90 insertions, 0 deletions

diff --git a/community/perl-crypt-openssl-verifyx509/fix-bug-121214-compilation-fails-openssl_1.1.0.patch b/community/perl-crypt-openssl-verifyx509/fix-bug-121214-compilation-fails-openssl_1.1.0.patch
new file mode 100644
index 0000000000..762a5bcb5b
--- /dev/null
+++ b/community/perl-crypt-openssl-verifyx509/fix-bug-121214-compilation-fails-openssl_1.1.0.patch
@@ -0,0 +1,90 @@
+OPENSSL deprecated several cleanup functions since
+[quote]
+... the OpenSSL libraries now normally do all thread initialisation and
+deinitialisation automatically (see OPENSSL_init_crypto).
+[end of quote]
+
+To hint the appropriate API version exposed by openssl, the opensslconf.h
+suggests:
+[quote]
+/*
+ * Applications should use -DOPENSSL_API_COMPAT=<version> to suppress the
+ * declarations of functions deprecated in or before <version>. Otherwise, they
+ * still won't see them if the library has been built to disable deprecated
+ * functions.
+ */
+[end of quote]
+
+Due to -Werror the deprecation warnings lead to compilation errors so
+let's just specify that we want OpenSSL API version >= 1.1.x in the
+Makefile (and retain the old, pre OpenSSL-1.0, code for now).
+
+All tests in Crypt-OpenSSL-VerifyX509-0.10 pass for me.
+
+--- Crypt-OpenSSL-VerifyX509-0.10.orig/Makefile.PL	2017-05-10 20:08:03.338777954 +0200
++++ Crypt-OpenSSL-VerifyX509-0.10/Makefile.PL	2017-05-10 19:30:13.250719288 +0200
+@@ -54,7 +54,7 @@ if (-d "/usr/include/openssl") {
+ }
+ 
+ cc_lib_links('crypto');
+-cc_optimize_flags('-O3 -Wall -Werror');
++cc_optimize_flags('-O3 -Wall -Werror -DOPENSSL_API_COMPAT=0x10100000L');
+ 
+ requires 'Crypt::OpenSSL::X509';
+ 
+--- Crypt-OpenSSL-VerifyX509-0.10.orig/VerifyX509.xs	2017-05-10 15:45:17.838331883 +0200
++++ Crypt-OpenSSL-VerifyX509-0.10/VerifyX509.xs	2017-05-10 20:06:03.094774846 +0200
+@@ -17,7 +17,7 @@ typedef X509*  Crypt__OpenSSL__X509;
+ 
+ static int verify_cb(int ok, X509_STORE_CTX *ctx) {
+   if (!ok)
+-    switch (ctx->error) {
++    switch (X509_STORE_CTX_get_error (ctx)) {
+     case X509_V_ERR_CERT_HAS_EXPIRED:
+  /* case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: */
+     case X509_V_ERR_INVALID_CA:
+@@ -37,13 +37,20 @@ static const char *ssl_error(void) {
+ }
+ 
+ static const char *ctx_error(X509_STORE_CTX *ctx) {
+-  return X509_verify_cert_error_string(ctx->error);
++  return X509_verify_cert_error_string(X509_STORE_CTX_get_error (ctx));
+ }
+ 
+ MODULE = Crypt::OpenSSL::VerifyX509    PACKAGE = Crypt::OpenSSL::VerifyX509
+ 
+ PROTOTYPES: DISABLE
+ 
++#if OPENSSL_API_COMPAT >= 0x10100000L
++#undef ERR_load_crypto_strings
++#define ERR_load_crypto_strings() /* nothing */
++#undef OpenSSL_add_all_algorithms
++# define OpenSSL_add_all_algorithms() /* nothing */
++#endif
++
+ BOOT:
+   ERR_load_crypto_strings();
+   ERR_load_ERR_strings();
+@@ -134,6 +141,15 @@ DESTROY(store)
+ 
+   if (store) X509_STORE_free(store); store = 0;
+ 
++
++#if OPENSSL_API_COMPAT >= 0x10100000L
++void
++__X509_cleanup(void)
++  PPCODE:
++
++  /* deinitialisation is done automatically */
++
++#else
+ void
+ __X509_cleanup(void)
+   PPCODE:
+@@ -142,3 +158,6 @@ __X509_cleanup(void)
+   ERR_free_strings();
+   ERR_remove_state(0);
+   EVP_cleanup();
++
++#endif
++