aboutsummaryrefslogtreecommitdiffstats
path: root/main/strongswan/libressl.patch
diff options
context:
space:
mode:
authorTimo Teräs <timo.teras@iki.fi>2016-11-07 09:51:06 +0200
committerTimo Teräs <timo.teras@iki.fi>2016-11-07 09:51:06 +0200
commit4a4776379ec19429dda0153467b4efdae4fe1bb5 (patch)
tree3dd9ff8d14278d913fac242219583eb44a15af0a /main/strongswan/libressl.patch
parentbfbbc4254ea59cb538d4ea741bccc1aa93709df4 (diff)
downloadaports-4a4776379ec19429dda0153467b4efdae4fe1bb5.tar.bz2
aports-4a4776379ec19429dda0153467b4efdae4fe1bb5.tar.xz
main/strongswan: fix libressl support, remove deprecated patch
Diffstat (limited to 'main/strongswan/libressl.patch')
-rw-r--r--main/strongswan/libressl.patch201
1 files changed, 196 insertions, 5 deletions
diff --git a/main/strongswan/libressl.patch b/main/strongswan/libressl.patch
index b01eff3e4a..9973b20cee 100644
--- a/main/strongswan/libressl.patch
+++ b/main/strongswan/libressl.patch
@@ -1,8 +1,133 @@
-diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
-index 3e3b986..ada218c 100644
---- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
-+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
-@@ -573,7 +573,7 @@ plugin_t *openssl_plugin_create()
+diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_crl.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_crl.c
+--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_crl.c 2016-06-30 17:20:10.000000000 +0300
++++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_crl.c 2016-11-07 09:43:34.386040269 +0200
+@@ -46,7 +46,7 @@
+ #include <collections/enumerator.h>
+ #include <credentials/certificates/x509.h>
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ static inline void X509_CRL_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, const X509_CRL *crl) {
+ if (psig) { *psig = crl->signature; }
+ if (palg) { *palg = crl->sig_alg; }
+@@ -281,7 +281,7 @@
+ return FALSE;
+ }
+ /* i2d_re_X509_CRL_tbs() was added with 1.1.0 when X509_CRL became opaque */
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ tbs = openssl_i2chunk(re_X509_CRL_tbs, this->crl);
+ #else
+ tbs = openssl_i2chunk(X509_CRL_INFO, this->crl->crl);
+@@ -524,7 +524,7 @@
+
+ X509_CRL_get0_signature(NULL, &alg, this->crl);
+ X509_ALGOR_get0(&oid, NULL, NULL, alg);
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ if (!chunk_equals(
+ openssl_asn1_obj2chunk(this->crl->crl->sig_alg->algorithm),
+ openssl_asn1_obj2chunk(this->crl->sig_alg->algorithm)))
+diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
+--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c 2016-06-30 17:20:10.000000000 +0300
++++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c 2016-11-07 09:43:49.292891861 +0200
+@@ -27,7 +27,7 @@
+ #include <utils/debug.h>
+
+ /* these were added with 1.1.0 when DH was made opaque */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ OPENSSL_KEY_FALLBACK(DH, key, pub_key, priv_key)
+ OPENSSL_KEY_FALLBACK(DH, pqg, p, q, g)
+ #define DH_set_length(dh, len) ({ (dh)->length = len; 1; })
+diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
+--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c 2016-10-08 15:17:09.000000000 +0300
++++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c 2016-11-07 09:43:54.582957491 +0200
+@@ -28,7 +28,7 @@
+ #include <openssl/ecdsa.h>
+ #include <openssl/x509.h>
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ OPENSSL_KEY_FALLBACK(ECDSA_SIG, r, s)
+ #endif
+
+diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
+--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c 2016-06-30 17:20:10.000000000 +0300
++++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c 2016-11-07 09:43:58.653007980 +0200
+@@ -27,7 +27,7 @@
+ #include <openssl/ecdsa.h>
+ #include <openssl/x509.h>
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ OPENSSL_KEY_FALLBACK(ECDSA_SIG, r, s)
+ #endif
+
+diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_hmac.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_hmac.c
+--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_hmac.c 2016-06-30 17:20:10.000000000 +0300
++++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_hmac.c 2016-11-07 09:44:46.043595875 +0200
+@@ -70,7 +70,7 @@
+ */
+ HMAC_CTX *hmac;
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ /**
+ * Static context for OpenSSL < 1.1.0
+ */
+@@ -140,7 +140,7 @@
+ METHOD(mac_t, destroy, void,
+ private_mac_t *this)
+ {
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ HMAC_CTX_free(this->hmac);
+ #else
+ HMAC_CTX_cleanup(&this->hmac_ctx);
+@@ -178,7 +178,7 @@
+ return NULL;
+ }
+
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ this->hmac = HMAC_CTX_new();
+ #else
+ HMAC_CTX_init(&this->hmac_ctx);
+diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_pkcs7.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_pkcs7.c
+--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_pkcs7.c 2016-07-08 11:57:18.000000000 +0300
++++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_pkcs7.c 2016-11-07 09:44:58.337081716 +0200
+@@ -29,7 +29,7 @@
+
+ #include <openssl/cms.h>
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #define X509_ATTRIBUTE_get0_object(attr) ({ (attr)->object; })
+ #endif
+
+diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_plugin.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_plugin.c
+--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_plugin.c 2016-10-08 15:17:09.000000000 +0300
++++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_plugin.c 2016-11-07 09:45:31.187489232 +0200
+@@ -68,7 +68,7 @@
+ /**
+ * OpenSSL is thread-safe since 1.1.0
+ */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+
+ /**
+ * Array of static mutexs, with CRYPTO_num_locks() mutex
+@@ -568,7 +568,7 @@
+ /* OpenSSL 1.1.0 cleans up itself at exit and while OPENSSL_cleanup() exists we
+ * can't call it as we couldn't re-initialize the library (as required by the
+ * unit tests and the Android app) */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #ifndef OPENSSL_IS_BORINGSSL
+ CONF_modules_free();
+ OBJ_cleanup();
+@@ -623,7 +623,7 @@
},
);
@@ -11,3 +136,69 @@ index 3e3b986..ada218c 100644
/* note that we can't call OPENSSL_cleanup() when the plugin is destroyed
* as we couldn't initialize the library again afterwards */
OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG |
+diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
+--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c 2016-10-08 15:17:09.000000000 +0300
++++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c 2016-11-07 09:45:57.407814497 +0200
+@@ -36,7 +36,7 @@
+ */
+ #define PUBLIC_EXPONENT 0x10001
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ OPENSSL_KEY_FALLBACK(RSA, key, n, e, d)
+ OPENSSL_KEY_FALLBACK(RSA, factors, p, q)
+ OPENSSL_KEY_FALLBACK(RSA, crt_params, dmp1, dmq1, iqmp)
+diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c 2016-09-27 11:40:31.000000000 +0300
++++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c 2016-11-07 09:46:02.771214366 +0200
+@@ -28,7 +28,7 @@
+ #include <openssl/rsa.h>
+ #include <openssl/x509.h>
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ OPENSSL_KEY_FALLBACK(RSA, key, n, e, d)
+ #endif
+
+diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_util.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_util.c
+--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_util.c 2016-06-30 17:20:10.000000000 +0300
++++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_util.c 2016-11-07 09:46:15.918044119 +0200
+@@ -23,7 +23,7 @@
+ #include <openssl/x509.h>
+
+ /* these were added with 1.1.0 when ASN1_OBJECT was made opaque */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #define OBJ_get0_data(o) ((o)->data)
+ #define OBJ_length(o) ((o)->length)
+ #endif
+diff -ru strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_x509.c strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_x509.c
+--- strongswan-5.5.1.orig/src/libstrongswan/plugins/openssl/openssl_x509.c 2016-06-30 17:20:10.000000000 +0300
++++ strongswan-5.5.1/src/libstrongswan/plugins/openssl/openssl_x509.c 2016-11-07 09:46:51.818489485 +0200
+@@ -61,7 +61,7 @@
+ #endif
+
+ /* added with 1.0.2 */
+-#if OPENSSL_VERSION_NUMBER < 0x10002000L
++#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
+ static inline void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, const X509 *x) {
+ if (psig) { *psig = x->signature; }
+ if (palg) { *palg = x->sig_alg; }
+@@ -69,7 +69,7 @@
+ #endif
+
+ /* added with 1.1.0 when X509 etc. was made opaque */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #define X509_get0_extensions(x509) ({ (x509)->cert_info->extensions; })
+ #define X509_get0_tbs_sigalg(x509) ({ (x509)->cert_info->signature; })
+ #define X509_ALGOR_get0(oid, ppt, ppv, alg) ({ *(oid) = (alg)->algorithm; })
+@@ -434,7 +434,7 @@
+ return FALSE;
+ }
+ /* i2d_re_X509_tbs() was added with 1.1.0 when X509 was made opaque */
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ tbs = openssl_i2chunk(re_X509_tbs, this->x509);
+ #else
+ tbs = openssl_i2chunk(X509_CINF, this->x509->cert_info);
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-01 02:36:58 +0000