diff options
-rw-r--r-- | main/socat/APKBUILD | 27 | ||||
-rw-r--r-- | main/socat/socat-libressl.patch | 208 |
2 files changed, 224 insertions, 11 deletions
diff --git a/main/socat/APKBUILD b/main/socat/APKBUILD index 3e174de677..5d2affcb28 100644 --- a/main/socat/APKBUILD +++ b/main/socat/APKBUILD @@ -2,21 +2,23 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=socat pkgver=1.7.3.1 -pkgrel=0 +pkgrel=1 pkgdesc="Multipurpose relay for binary protocols" url="http://www.dest-unreach.org/socat/" arch="all" license="GPL" depends= -makedepends="openssl-dev readline-dev linux-headers" +makedepends="libressl-dev readline-dev linux-headers" subpackages="$pkgname-doc" source="http://www.dest-unreach.org/$pkgname/download/$pkgname-$pkgver.tar.bz2 use-linux-headers.patch - netdb-internal.patch" + netdb-internal.patch + socat-libressl.patch + " -_builddir="$srcdir/$pkgname-$pkgver" +builddir="$srcdir/$pkgname-$pkgver" prepare() { - cd "$_builddir" + cd "$builddir" for i in $source; do case $i in *.patch) @@ -28,7 +30,7 @@ prepare() { } build() { - cd "$_builddir" + cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -40,20 +42,23 @@ build() { doc() { default_doc mkdir -p "$subpkgdir"/usr/share/socat/ - install -m644 "$_builddir"/EXAMPLES "$_builddir"/doc/*.html "$_builddir"/doc/*.css "$subpkgdir"/usr/share/"$pkgname"/ + install -m644 "$builddir"/EXAMPLES "$builddir"/doc/*.html "$builddir"/doc/*.css "$subpkgdir"/usr/share/"$pkgname"/ } package() { - cd "$_builddir" + cd "$builddir" make DESTDIR="$pkgdir" install || return 1 } md5sums="334e46924f2b386299c9db2ac22bcd36 socat-1.7.3.1.tar.bz2 c87e489c0cb4baa22c8a051fab022f03 use-linux-headers.patch -66d19b98f4de8d8f1f4d67924c9d3da6 netdb-internal.patch" +66d19b98f4de8d8f1f4d67924c9d3da6 netdb-internal.patch +d87accad347a8f68ba4c1509dc3de063 socat-libressl.patch" sha256sums="d2da659540c38139f388e9437bfaae16bb458d174d056cb3228432a8f489fbaa socat-1.7.3.1.tar.bz2 609f0499d9c61cff6aa4b9be2fa4a7051463de986742f5af5181af1c7238ae86 use-linux-headers.patch -ff671b41583a974f439c3ee8d223422d6f23ad508f404a4fbc240336eeb447a3 netdb-internal.patch" +ff671b41583a974f439c3ee8d223422d6f23ad508f404a4fbc240336eeb447a3 netdb-internal.patch +a543bc4ecaa5bdd3501594a859c232b9fab72ea45e6663950901870d9c62331b socat-libressl.patch" sha512sums="463340f578d4d1d54458b8ef9573ad3eff51dbcc736205e1b62e9a4782770d4bb76e6a07506350fd35405b130660559aaa79dfa2664c53ea268d7d64231f9b32 socat-1.7.3.1.tar.bz2 2032b6528cb27b69d8fb6a6f64af32fcc1f6e4934bb0d7c8931b38ab7ad5e27f6f4344a6cf49751fa3178cd725f954e195373362f7d5929e587d7f0309346059 use-linux-headers.patch -22a6e0c2317a9317997c98114daac258ebbcc3d8e58e49a6ebf24781b98967afed47c63807282582fa0909076fe349281f05e4462faacb90e7aabc853903d6e6 netdb-internal.patch" +22a6e0c2317a9317997c98114daac258ebbcc3d8e58e49a6ebf24781b98967afed47c63807282582fa0909076fe349281f05e4462faacb90e7aabc853903d6e6 netdb-internal.patch +ef756e5c5ef21c6d81942cbc47e31a3f3a07a4a576bd92335e150f71deb26cbb059e1fb2e431fa2fa9c27fb430b1d3273972b49eda0a35a06bb6bd4e75788521 socat-libressl.patch" diff --git a/main/socat/socat-libressl.patch b/main/socat/socat-libressl.patch new file mode 100644 index 0000000000..988821332d --- /dev/null +++ b/main/socat/socat-libressl.patch @@ -0,0 +1,208 @@ +diff --git a/doc/xio.help b/doc/xio.help +index 3a6eb8d..f005b1c 100644 +--- a/doc/xio.help ++++ b/doc/xio.help +@@ -4566,19 +4566,6 @@ must contain certificates in PEM format and their hashes (see OpenSSL + documentation) + + +-Option: openssl-egd=file +-Aliases: egd +- +-Type: FILENAME +-Option group: OPENSSL +-Phase: SPEC +-Platforms: (depends on openssl installation) +- +-On some systems, openssl requires an explicit source of random data. Specify +-the socket name where an entropy gathering daemon like egd provides random +-data, e.g. /dev/egd-pool. +- +- + Option: openssl-pseudo + Aliases: pseudo + +diff --git a/sslcls.c b/sslcls.c +index 6ddc077..3f7c6a0 100644 +--- a/sslcls.c ++++ b/sslcls.c +@@ -55,6 +55,7 @@ const SSL_METHOD *sycSSLv2_server_method(void) { + } + #endif + ++#ifdef HAVE_SSLv3_client_method + const SSL_METHOD *sycSSLv3_client_method(void) { + const SSL_METHOD *result; + Debug("SSLv3_client_method()"); +@@ -62,7 +63,9 @@ const SSL_METHOD *sycSSLv3_client_method(void) { + Debug1("SSLv3_client_method() -> %p", result); + return result; + } ++#endif + ++#ifdef HAVE_SSLv3_server_method + const SSL_METHOD *sycSSLv3_server_method(void) { + const SSL_METHOD *result; + Debug("SSLv3_server_method()"); +@@ -70,6 +73,7 @@ const SSL_METHOD *sycSSLv3_server_method(void) { + Debug1("SSLv3_server_method() -> %p", result); + return result; + } ++#endif + + const SSL_METHOD *sycSSLv23_client_method(void) { + const SSL_METHOD *result; +@@ -331,14 +335,6 @@ void sycSSL_free(SSL *ssl) { + return; + } + +-int sycRAND_egd(const char *path) { +- int result; +- Debug1("RAND_egd(\"%s\")", path); +- result = RAND_egd(path); +- Debug1("RAND_egd() -> %d", result); +- return result; +-} +- + DH *sycPEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u) { + DH *result; + Debug4("PEM_read_bio_DHparams(%p, %p, %p, %p)", +@@ -375,7 +371,7 @@ int sycFIPS_mode_set(int onoff) { + } + #endif /* WITH_FIPS */ + +-#if OPENSSL_VERSION_NUMBER >= 0x00908000L ++#if (OPENSSL_VERSION_NUMBER >= 0x00908000L) && !defined(OPENSSL_NO_COMP) + const COMP_METHOD *sycSSL_get_current_compression(SSL *ssl) { + const COMP_METHOD *result; + Debug1("SSL_get_current_compression(%p)", ssl); +diff --git a/sslcls.h b/sslcls.h +index aece28a..7ed2283 100644 +--- a/sslcls.h ++++ b/sslcls.h +@@ -47,7 +47,6 @@ X509 *sycSSL_get_peer_certificate(SSL *ssl); + int sycSSL_shutdown(SSL *ssl); + void sycSSL_CTX_free(SSL_CTX *ctx); + void sycSSL_free(SSL *ssl); +-int sycRAND_egd(const char *path); + + DH *sycPEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u); + +@@ -55,7 +54,7 @@ BIO *sycBIO_new_file(const char *filename, const char *mode); + + int sycFIPS_mode_set(int onoff); + +-#if OPENSSL_VERSION_NUMBER >= 0x00908000L ++#if (OPENSSL_VERSION_NUMBER >= 0x00908000L) && !defined(OPENSSL_NO_COMP) + const COMP_METHOD *sycSSL_get_current_compression(SSL *ssl); + const COMP_METHOD *sycSSL_get_current_expansion(SSL *ssl); + const char *sycSSL_COMP_get_name(const COMP_METHOD *comp); +@@ -98,7 +97,6 @@ const char *sycSSL_COMP_get_name(const COMP_METHOD *comp); + #define sycSSL_shutdown(s) SSL_shutdown(s) + #define sycSSL_CTX_free(c) SSL_CTX_free(c) + #define sycSSL_free(s) SSL_free(s) +-#define sycRAND_egd(p) RAND_egd(p) + + #define sycPEM_read_bio_DHparams(b,x,p,u) PEM_read_bio_DHparams(b,x,p,u) + +diff --git a/xio-openssl.c b/xio-openssl.c +index b7e95c1..b77d340 100644 +--- a/xio-openssl.c ++++ b/xio-openssl.c +@@ -108,7 +108,6 @@ const struct optdesc opt_openssl_key = { "openssl-key", "key", + const struct optdesc opt_openssl_dhparam = { "openssl-dhparam", "dh", OPT_OPENSSL_DHPARAM, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC }; + const struct optdesc opt_openssl_cafile = { "openssl-cafile", "cafile", OPT_OPENSSL_CAFILE, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC }; + const struct optdesc opt_openssl_capath = { "openssl-capath", "capath", OPT_OPENSSL_CAPATH, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC }; +-const struct optdesc opt_openssl_egd = { "openssl-egd", "egd", OPT_OPENSSL_EGD, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC }; + const struct optdesc opt_openssl_pseudo = { "openssl-pseudo", "pseudo", OPT_OPENSSL_PSEUDO, GROUP_OPENSSL, PH_SPEC, TYPE_BOOL, OFUNC_SPEC }; + #if OPENSSL_VERSION_NUMBER >= 0x00908000L + const struct optdesc opt_openssl_compress = { "openssl-compress", "compress", OPT_OPENSSL_COMPRESS, GROUP_OPENSSL, PH_SPEC, TYPE_STRING, OFUNC_SPEC }; +@@ -147,7 +146,7 @@ int xio_reset_fips_mode(void) { + static void openssl_conn_loginfo(SSL *ssl) { + Notice1("SSL connection using %s", SSL_get_cipher(ssl)); + +-#if OPENSSL_VERSION_NUMBER >= 0x00908000L ++#if (OPENSSL_VERSION_NUMBER >= 0x00908000L) && !defined(OPENSSL_NO_COMP) + { + const COMP_METHOD *comp, *expansion; + +@@ -722,7 +721,6 @@ int + char *opt_dhparam = NULL; /* file name of DH params */ + char *opt_cafile = NULL; /* certificate authority file */ + char *opt_capath = NULL; /* certificate authority directory */ +- char *opt_egd = NULL; /* entropy gathering daemon socket path */ + #if OPENSSL_VERSION_NUMBER >= 0x00908000L + char *opt_compress = NULL; /* compression method */ + #endif +@@ -741,7 +739,6 @@ int + retropt_string(opts, OPT_OPENSSL_CAPATH, &opt_capath); + retropt_string(opts, OPT_OPENSSL_KEY, &opt_key); + retropt_string(opts, OPT_OPENSSL_DHPARAM, &opt_dhparam); +- retropt_string(opts, OPT_OPENSSL_EGD, &opt_egd); + retropt_bool(opts,OPT_OPENSSL_PSEUDO, &opt_pseudo); + #if OPENSSL_VERSION_NUMBER >= 0x00908000L + retropt_string(opts, OPT_OPENSSL_COMPRESS, &opt_compress); +@@ -877,10 +874,6 @@ int + } + } + +- if (opt_egd) { +- sycRAND_egd(opt_egd); +- } +- + if (opt_pseudo) { + long int randdata; + /* initialize libc random from actual microseconds */ +@@ -1105,7 +1098,7 @@ static int openssl_SSL_ERROR_SSL(int level, const char *funcname) { + if (e == ((ERR_LIB_RAND<<24)| + (RAND_F_SSLEAY_RAND_BYTES<<12)| + (RAND_R_PRNG_NOT_SEEDED)) /*0x24064064*/) { +- Error("too few entropy; use options \"egd\" or \"pseudo\""); ++ Error("too few entropy; use option \"pseudo\""); + stat = STAT_NORETRY; + } else { + Msg2(level, "%s(): %s", funcname, ERR_error_string(e, buf)); +diff --git a/xio-openssl.h b/xio-openssl.h +index 9cad8f4..cc20e36 100644 +--- a/xio-openssl.h ++++ b/xio-openssl.h +@@ -21,7 +21,6 @@ extern const struct optdesc opt_openssl_key; + extern const struct optdesc opt_openssl_dhparam; + extern const struct optdesc opt_openssl_cafile; + extern const struct optdesc opt_openssl_capath; +-extern const struct optdesc opt_openssl_egd; + extern const struct optdesc opt_openssl_pseudo; + #if OPENSSL_VERSION_NUMBER >= 0x00908000L + extern const struct optdesc opt_openssl_compress; +diff --git a/xioopts.c b/xioopts.c +index 3b0f300..b1b5943 100644 +--- a/xioopts.c ++++ b/xioopts.c +@@ -412,7 +412,6 @@ const struct optname optionnames[] = { + #ifdef ECHOPRT + IF_TERMIOS("echoprt", &opt_echoprt) + #endif +- IF_OPENSSL("egd", &opt_openssl_egd) + IF_ANY ("end-close", &opt_end_close) + IF_TERMIOS("eof", &opt_veof) + IF_TERMIOS("eol", &opt_veol) +@@ -1102,7 +1101,6 @@ const struct optname optionnames[] = { + IF_OPENSSL("openssl-compress", &opt_openssl_compress) + #endif + IF_OPENSSL("openssl-dhparam", &opt_openssl_dhparam) +- IF_OPENSSL("openssl-egd", &opt_openssl_egd) + #if WITH_FIPS + IF_OPENSSL("openssl-fips", &opt_openssl_fips) + #endif +diff --git a/xioopts.h b/xioopts.h +index ebcf315..d569c30 100644 +--- a/xioopts.h ++++ b/xioopts.h +@@ -478,7 +478,6 @@ enum e_optcode { + OPT_OPENSSL_COMPRESS, + #endif + OPT_OPENSSL_DHPARAM, +- OPT_OPENSSL_EGD, + OPT_OPENSSL_FIPS, + OPT_OPENSSL_KEY, + OPT_OPENSSL_METHOD, |