main/openldap: upgrade to 2.4.45

author: Leonardo Arena <rnalrd@alpinelinux.org> 2017-10-25 07:46:27 +0000
committer: Leonardo Arena <rnalrd@alpinelinux.org> 2017-10-25 07:46:38 +0000
commit: bdd82beef991942efa6f1250e1094a96f8c9099e (patch)
tree: 2b1a297169de381dfb7bd8ba171aca62d3dce56f /main
parent: 26ee79bf349beaab8337c7de99b445956d36279e (diff)
download: aports-bdd82beef991942efa6f1250e1094a96f8c9099e.tar.bz2
aports-bdd82beef991942efa6f1250e1094a96f8c9099e.tar.xz
2 files changed, 70 insertions, 5 deletions
diff --git a/main/openldap/APKBUILD b/main/openldap/APKBUILD
index f16369a22a..877dd274c1 100644
--- a/main/openldap/APKBUILD
+++ b/main/openldap/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=openldap
-pkgver=2.4.44
-pkgrel=5
+pkgver=2.4.45
+pkgrel=0
 pkgdesc="LDAP Server"
 url="http://www.openldap.org/"
 arch="all"
@@ -25,7 +25,7 @@ source="ftp://ftp.$pkgname.org/pub/OpenLDAP/$pkgname-release/$pkgname-$pkgver.tg
 	openldap-2.4.11-libldap_r.patch
 	bdb-enabled-by-default.patch
 	openldap-mqtt-overlay.patch
-	CVE-2017-9287.patch
+	libressl.patch
 
 	slapd.initd
 	slapd.confd
@@ -164,12 +164,12 @@ passwd_pbkdf2() {
 	mv "$pkgdir"/usr/lib/openldap/pw-pbkdf2.* "$subpkgdir"/usr/lib/openldap || return 1
 }
 
-sha512sums="132eb81798f59a364c9246d08697e1c7ebb6c2c3b983f786b14ec0233df09696cbad33a1f35f3076348b5efb77665a076ab854a24122c31e8b58310b7c7fd136  openldap-2.4.44.tgz
+sha512sums="1c9fc84efed8998f107ce6e1c6be3f5466388241afdca0cb3847720c9def0bc263a2dbc15bf0f9112d1b4c391fd01e8531a4fb08c5532c30fb86924c08daedab  openldap-2.4.45.tgz
 5d34d49eabe7cb66cf8284cc3bd9730fa23df4932df68549e242d250ee50d40c434ae074ebc720d5fbcd9d16587c9333c5598d30a5f1177caa61461ab7771f38  openldap-2.4-ppolicy.patch
 44d97efb25d4f39ab10cd5571db43f3bfa7c617a5bb087085ae16c0298aca899b55c8742a502121ba743a73e6d77cd2056bc96cee63d6d0862dabc8fb5574357  openldap-2.4.11-libldap_r.patch
 d94f791ff3d10f1fe244a6a071331d6dd5933ed859e1cf9465654e650ff7223eedad5f054ad77de2ad4dbbd0b4a2cfda970ad733baaa833183aee996216bdbf1  bdb-enabled-by-default.patch
 9c7f41279e91ed995c91e9a8c543c797d9294a93cf260afdc03ab5777e45ed045a4d6a4d4d0180b5dc387dc04babca01d818fbfa8168309df44f4500d2a430a4  openldap-mqtt-overlay.patch
-e81417c5df06148ddc6c4458c63349045b750b0f5ca981f92596777996114480301bc0ae62eb82a2cc242a025f53de3174efef5e3c28a54a94ccee773435a42a  CVE-2017-9287.patch
+cbfd573139e6b0c51d0f1f1337d74d5c07813509754758df240b09bc2ba559127f656580eef88f1db1c1322d7cb05042b1926e046e24c19889759647aee7aec6  libressl.patch
 1a5490a29a2be8382a64d3d07a36906d2189571f4c44d8ad96b769db58d91a33b2eee24fe10343ec26440fa61cfd406c4e95153dce29c2f315d1f13f5b0f47e8  slapd.initd
 8290769b63b3a5863622de2deb9269a0711ba5f4a225eb230d7c5097937b9d4e8cf5a998ee99232824e2335ae1b6e0114357b61c9611bc2460ebd195d12eabae  slapd.confd
 c8bffecdbd09583bec7720b5f6a5b9680b0eae055fd63f10736cf2fe25378b95acddf910e60f6408c9637a3fe48050299cfb500a6bc9a95a0ef135d5a4c4d5f9  slurpd.initd"
diff --git a/main/openldap/libressl.patch b/main/openldap/libressl.patch
new file mode 100644
index 0000000000..ac01064186
--- /dev/null
+++ b/main/openldap/libressl.patch
@@ -0,0 +1,65 @@
+--- a/libraries/libldap/tls_o.c.orig	2017-06-04 16:31:28 UTC
++++ b/libraries/libldap/tls_o.c
+@@ -47,7 +47,7 @@
+ #include <ssl.h>
+ #endif
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000
++#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
+ #define ASN1_STRING_data(x)	ASN1_STRING_get0_data(x)
+ #endif
+ 
+@@ -157,7 +157,7 @@ tlso_init( void )
+ 	(void) tlso_seed_PRNG( lo->ldo_tls_randfile );
+ #endif
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000
++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
+ 	SSL_load_error_strings();
+ 	SSL_library_init();
+ 	OpenSSL_add_all_digests();
+@@ -205,7 +205,7 @@ static void
+ tlso_ctx_ref( tls_ctx *ctx )
+ {
+ 	tlso_ctx *c = (tlso_ctx *)ctx;
+-#if OPENSSL_VERSION_NUMBER < 0x10100000
++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
+ #define	SSL_CTX_up_ref(ctx)	CRYPTO_add( &(ctx->references), 1, CRYPTO_LOCK_SSL_CTX )
+ #endif
+ 	SSL_CTX_up_ref( c );
+@@ -464,7 +464,7 @@ tlso_session_my_dn( tls_session *sess, struct berval *
+ 	if (!x) return LDAP_INVALID_CREDENTIALS;
+ 	
+ 	xn = X509_get_subject_name(x);
+-#if OPENSSL_VERSION_NUMBER < 0x10100000
++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
+ 	der_dn->bv_len = i2d_X509_NAME( xn, NULL );
+ 	der_dn->bv_val = xn->bytes->data;
+ #else
+@@ -500,7 +500,7 @@ tlso_session_peer_dn( tls_session *sess, struct berval
+ 		return LDAP_INVALID_CREDENTIALS;
+ 
+ 	xn = X509_get_subject_name(x);
+-#if OPENSSL_VERSION_NUMBER < 0x10100000
++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
+ 	der_dn->bv_len = i2d_X509_NAME( xn, NULL );
+ 	der_dn->bv_val = xn->bytes->data;
+ #else
+@@ -721,7 +721,7 @@ struct tls_data {
+ 	Sockbuf_IO_Desc		*sbiod;
+ };
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000
++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
+ #define BIO_set_init(b, x)	b->init = x
+ #define BIO_set_data(b, x)	b->ptr = x
+ #define BIO_clear_flags(b, x)	b->flags &= ~(x)
+@@ -822,7 +822,7 @@ tlso_bio_puts( BIO *b, const char *str )
+ 	return tlso_bio_write( b, str, strlen( str ) );
+ }
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000
++#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
+ struct bio_method_st {
+     int type;
+     const char *name;
author	Leonardo Arena <rnalrd@alpinelinux.org>	2017-10-25 07:46:27 +0000
committer	Leonardo Arena <rnalrd@alpinelinux.org>	2017-10-25 07:46:38 +0000
commit	bdd82beef991942efa6f1250e1094a96f8c9099e (patch)
tree	2b1a297169de381dfb7bd8ba171aca62d3dce56f /main
parent	26ee79bf349beaab8337c7de99b445956d36279e (diff)
download	aports-bdd82beef991942efa6f1250e1094a96f8c9099e.tar.bz2 aports-bdd82beef991942efa6f1250e1094a96f8c9099e.tar.xz