gentoo resync : 15.01.2020

author: V3n3RiX <venerix@redcorelinux.org> 2020-01-15 15:51:32 +0000
committer: V3n3RiX <venerix@redcorelinux.org> 2020-01-15 15:51:32 +0000
commit: 21435953e16cda318a82334ddbadb3b5c36d9ea7 (patch)
tree: e1810a4b135afce04b34862ef0fab2bfaeb8aeca /net-misc/stunnel
parent: 7bc9c63c9da678a7e6fceb095d56c634afd22c56 (diff)
5 files changed, 6 insertions, 718 deletions
diff --git a/net-misc/stunnel/Manifest b/net-misc/stunnel/Manifest
index 456145c10608..627b8329e37e 100644
--- a/net-misc/stunnel/Manifest
+++ b/net-misc/stunnel/Manifest
@@ -1,8 +1,5 @@
 AUX stunnel 1259 BLAKE2B f407bcff9249e57c46f641e8b666c187f3279e14d7d28f3565063887d8ef01b8379539fb7bb6a70d00e80809a203dd3a263de6c96012f5357b7e059044f0ca34 SHA512 c35855a20ca29d5277eaa597763db434ec069bc96e91bc7c2bbe3357c72ce792b84f653c59842cd2921cce810005cb79717fa4e728840766aff51656033585d6
-AUX stunnel-5.43-compat-libressl.patch 5328 BLAKE2B 5a014b47e3a314ab2d016ca31fb98d8a4fd613816c38382ece2a9925be217151130fab7d14666aac2602513c1cb0af04742c6a80eb9b8bf51caa46fdc05ad4b1 SHA512 d45e660fc610636dc93b8f696fc378cda4fcf7989f22aecff6394f84bbddfabb70255ebc4a9291a29806b3631767bb64b826c4a9fb2ecfe0ab7e53aebcdc7eb3
 AUX stunnel-5.50-libressl.patch 8684 BLAKE2B 6c4b01ec93ba8e8d734dc5489b9eddabb3e655a858c709ed75cea7a38b745d3a281d483ea74d47ae98d3371321fbc9d2776cd470e56eaea0ab6851ec3b203f28 SHA512 802c5ae1c729cdeb72f1d4f53d8216243f5e3e801f964b057a53099ebe9cc67b1e8d09d58475130d5239c9cb5fd8a967a10193d1740daed182b7af43122b19d4
-AUX stunnel-5.51-libressl.patch 10288 BLAKE2B f403d620b6b1341d3934e560d8d7e81fb6567c5076c3c46a34ebafe7136d95e2c9bf0f1d56818384040e0dcf5a1a4e1e10afe29db1f32ff2008cef30b83a8da5 SHA512 d8c8562afeaed5a8843e08d50a5097a4e36a10a014ebe281d8ea0bc563ac5b9bfa9d884f8cf6008b58bf679a7e785d86b331cddcb0bd5e49ed664763d9b3e597
-AUX stunnel-5.54-libressl.patch 12341 BLAKE2B a46445e80f54ce9a912fb7b255600f3598513305485004249f11354312db13cbba8b7aa95a4da0d431ee0bef6e5c049afaa2d14b41d3ac4f222f8cc4ebb8e933 SHA512 1d85b587a36e2d78c0b97fa90829156a7123e860d323010287cee43bd36a803e490313e664e72b44ed54ba5e89a0920d8d8608b6ac269663892610c62f4240b0
 AUX stunnel-r1 1437 BLAKE2B 92689cd4ee63920e1064cb96c88795132ee917e7886f9970f125f52d4eabf0fdb2515783c321771ae4e06598dca7e54f9b8131523c14dea7efa2769e0de0ed4b SHA512 6ccb1735770a4662e6fcb02bb7d0329cbed9aec16fc410f9d0f34f1a13dc5c9767eceafa406c55cca23b364c87c033bf5349d267838bbd5c560aaeec17ccd92c
 AUX stunnel.conf 1419 BLAKE2B 868f91060c0e43ded7eb6ae0c3734eaa1670caabb3b649cc552699a219a98b58374aa8864ef0d79d31e39185c8f3c35b3584f2c09218fff965966554e5335370 SHA512 4f76fd92eaf7fe878f7566a29ded673e7054edb8d7efeca8aad8621fdddeed457676d73b896d24466843874bb1b82ad3102cb1de4d24a7ac3597f3bf85d36826
 AUX stunnel.tmpfiles.conf 38 BLAKE2B cedd3eccd1964dcc86255fca0e47fe692a2619fbcbc576480adf193192a2218972d07961a3ab4d30f095c308844f25fe71cdf285bde201050be24d4ce0ca80d3 SHA512 8e06ec39547ce5991217e551e563f5d212742afda94da801ec266c632375aae489594d14815fe596319d9881eb5a58e32bf05baa69f3a9d1bae554419f5ac1bb
@@ -11,5 +8,5 @@ DIST stunnel-5.55.tar.gz 986873 BLAKE2B feb3a7d80aa2f67e0b8de2cdd2a134947f0715cc
 DIST stunnel-5.56.tar.gz 981163 BLAKE2B eef5a535165b1346d14e8fdd25ded7f497378bb63ab7d68642c5e1b3db2716c8e46db443146385a192a7e6042adcca295a5b107912e113f3f13f66e7a8d8b00b SHA512 db1be82b80bd5606568c5565f1c9a5710d4f7abca2d89388daa441bc395aaf2be998ac6403c7a17b8af01b89ade825186c20c50f73a809f9d64eca2e1b57a877
 EBUILD stunnel-5.50-r1.ebuild 2791 BLAKE2B bcd255a5bb328074fde280a0e089de4a2f008ee025ad10f7807995dcc463918c1a62bcf4c8303aafa8fc0d188d7d5de1cf7bbc816cb4a3b647501d97ca6bb5cf SHA512 cd97d5c1d19f5cc5c85d00c5f5a45315492beaa8bee29f6d4858095ec920768232ecc36ab70adf5aa96cec20dd137a3d8e5a3c97695ce725941805baa511f8b3
 EBUILD stunnel-5.55.ebuild 2773 BLAKE2B 410e8651d827f95ebd49c9d1d090beffb738c02a937764deb76afda893359fcad08cea1b867cfa9723af711677008ffa1ef6d178a497b36cbe678df9bda4c6b4 SHA512 66711c72febedd4ac825567bce53c2577c35f494de1d2dd1c12eae56dd0cf70deaef1c57dc332fe4321898fe894302e371b5f13f6b47b7ff9fd617a12795b275
-EBUILD stunnel-5.56.ebuild 2789 BLAKE2B e344d3ccbe579d5a781b2a67dad384f36bf6ab0cc5d3eac2e2ed5b5f0ad6d17d08bee075586df81ad35d79c1678ada18e19f83524eac3f65bb71de6f633bd112 SHA512 6bcf71ff7c426851c6577c2b71af19b2380445182d5abae643c66ee6364cc601b87a23e5a59e14128f77250254165cbd675735f15d90625b752c54654d0ad37f
+EBUILD stunnel-5.56-r1.ebuild 2754 BLAKE2B c4a0442bc0c1f6c97d961961b986d3f30c92e8fd9062c3472c6a07f3095efdd5dce7585c10c27f827a6af9b1d1a525361b4d4b9d6a9d44e6c86ddecab1182c13 SHA512 1957ade6544b696fd993b2f94bf57543eadbccfadcf347ef3cb854895df624c3c3c6089dd3339bf12ef043e4c2a9cb0cc4ac1c3b8aeba8fc4331817756b87566
 MISC metadata.xml 712 BLAKE2B 2e112f8a1f4fb41bd678a7e845e109923f00c281b5673e87cf2c06e68e8c1ee79e6230150cf911f4c28085ab22dc76eff54c80d201ef2709d5ee58a70f1a0084 SHA512 03c867389e13ef2596e97bc64b47209fe445eb5f4b2012d78f426f5eec96ad8359a735d9fe981109502d297837fa6ad50c43e0fe0b618aa9aed3f30fbd01e362
diff --git a/net-misc/stunnel/files/stunnel-5.43-compat-libressl.patch b/net-misc/stunnel/files/stunnel-5.43-compat-libressl.patch
deleted file mode 100644
index 5b015a98b610..000000000000
--- a/net-misc/stunnel/files/stunnel-5.43-compat-libressl.patch
+++ /dev/null
@@ -1,126 +0,0 @@
-diff -Naur stunnel-5.43.orig/src/common.h stunnel-5.43/src/common.h
---- stunnel-5.43.orig/src/common.h	2017-01-02 14:27:26.000000000 +0000
-+++ stunnel-5.43/src/common.h	2017-11-06 13:42:39.940942240 +0000
-@@ -448,7 +448,7 @@
- #define OPENSSL_NO_TLS1_2
- #endif /* OpenSSL older than 1.0.1 || defined(OPENSSL_NO_TLS1) */
- 
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- #ifndef OPENSSL_NO_SSL2
- #define OPENSSL_NO_SSL2
- #endif /* !defined(OPENSSL_NO_SSL2) */
-@@ -474,7 +474,7 @@
- #include <openssl/des.h>
- #ifndef OPENSSL_NO_DH
- #include <openssl/dh.h>
--#if OPENSSL_VERSION_NUMBER<0x10100000L
-+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
- #endif /* OpenSSL older than 1.1.0 */
- #endif /* !defined(OPENSSL_NO_DH) */
-diff -Naur stunnel-5.43.orig/src/ctx.c stunnel-5.43/src/ctx.c
---- stunnel-5.43.orig/src/ctx.c	2017-08-17 09:18:53.000000000 +0000
-+++ stunnel-5.43/src/ctx.c	2017-11-06 13:47:55.571861529 +0000
-@@ -295,7 +295,7 @@
- 
- #ifndef OPENSSL_NO_DH
- 
--#if OPENSSL_VERSION_NUMBER<0x10100000L
-+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx) {
-     return ctx->cipher_list;
- }
-@@ -398,7 +398,7 @@
- /**************************************** initialize OpenSSL CONF */
- 
- NOEXPORT int conf_init(SERVICE_OPTIONS *section) {
--#if OPENSSL_VERSION_NUMBER>=0x10002000L
-+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
-     SSL_CONF_CTX *cctx;
-     NAME_LIST *curr;
-     char *cmd, *param;
-diff -Naur stunnel-5.43.orig/src/options.c stunnel-5.43/src/options.c
---- stunnel-5.43.orig/src/options.c	2017-10-16 18:38:47.000000000 +0000
-+++ stunnel-5.43/src/options.c	2017-11-06 13:46:18.630650320 +0000
-@@ -3656,7 +3656,7 @@
-     }
- #endif
-     /* engines can add new algorithms */
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS|
-         OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
- #else
-diff -Naur stunnel-5.43.orig/src/ssl.c stunnel-5.43/src/ssl.c
---- stunnel-5.43.orig/src/ssl.c	2017-10-07 14:23:08.000000000 +0000
-+++ stunnel-5.43/src/ssl.c	2017-11-06 13:42:39.940942240 +0000
-@@ -51,7 +51,7 @@
- int index_session_authenticated, index_session_connect_address;
- 
- int ssl_init(void) { /* init TLS before parsing configuration file */
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-     OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS |
-         OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_LOAD_CONFIG, NULL);
- #else
-@@ -87,7 +87,7 @@
- }
- 
- #ifndef OPENSSL_NO_DH
--#if OPENSSL_VERSION_NUMBER<0x10100000L
-+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- /* this is needed for dhparam.c generated with OpenSSL >= 1.1.0
-  * to be linked against the older versions */
- int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
-diff -Naur stunnel-5.43.orig/src/sthreads.c stunnel-5.43/src/sthreads.c
---- stunnel-5.43.orig/src/sthreads.c	2017-08-17 09:18:53.000000000 +0000
-+++ stunnel-5.43/src/sthreads.c	2017-11-06 13:42:39.940942240 +0000
-@@ -216,7 +216,7 @@
- 
- struct CRYPTO_dynlock_value stunnel_locks[STUNNEL_LOCKS];
- 
--#if OPENSSL_VERSION_NUMBER<0x10100004L
-+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
- #define CRYPTO_THREAD_lock_new() CRYPTO_get_new_dynlockid()
- #endif
- 
-diff -Naur stunnel-5.43.orig/src/verify.c stunnel-5.43/src/verify.c
---- stunnel-5.43.orig/src/verify.c	2017-05-13 09:01:07.000000000 +0000
-+++ stunnel-5.43/src/verify.c	2017-11-06 13:46:56.317566128 +0000
-@@ -51,7 +51,7 @@
- NOEXPORT int verify_callback(int, X509_STORE_CTX *);
- NOEXPORT int verify_checks(CLI *, int, X509_STORE_CTX *);
- NOEXPORT int cert_check(CLI *, X509_STORE_CTX *, int);
--#if OPENSSL_VERSION_NUMBER>=0x10002000L
-+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT int cert_check_subject(CLI *, X509_STORE_CTX *);
- #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
- NOEXPORT int cert_check_local(X509_STORE_CTX *);
-@@ -285,7 +285,7 @@
-     }
- 
-     if(depth==0) { /* additional peer certificate checks */
--#if OPENSSL_VERSION_NUMBER>=0x10002000L
-+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
-         if(!cert_check_subject(c, callback_ctx))
-             return 0; /* reject */
- #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
-@@ -296,7 +296,7 @@
-     return 1; /* accept */
- }
- 
--#if OPENSSL_VERSION_NUMBER>=0x10002000L
-+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT int cert_check_subject(CLI *c, X509_STORE_CTX *callback_ctx) {
-     X509 *cert=X509_STORE_CTX_get_current_cert(callback_ctx);
-     NAME_LIST *ptr;
-@@ -353,7 +353,7 @@
-     cert=X509_STORE_CTX_get_current_cert(callback_ctx);
-     subject=X509_get_subject_name(cert);
- 
--#if OPENSSL_VERSION_NUMBER<0x10100006L
-+#if OPENSSL_VERSION_NUMBER<0x10100006L || defined(LIBRESSL_VERSION_NUMBER)
- #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs
- #endif
-     /* modern API allows retrieving multiple matching certificates */
diff --git a/net-misc/stunnel/files/stunnel-5.51-libressl.patch b/net-misc/stunnel/files/stunnel-5.51-libressl.patch
deleted file mode 100644
index 7ca8ace454d8..000000000000
--- a/net-misc/stunnel/files/stunnel-5.51-libressl.patch
+++ /dev/null
@@ -1,268 +0,0 @@
-diff --git a/src/client.c b/src/client.c
-index b67544a..6676529 100644
---- a/src/client.c
-+++ b/src/client.c
-@@ -680,7 +680,7 @@ NOEXPORT void transfer(CLI *c) {
-         }
- 
-         /****************************** wait for an event */
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-         pending=SSL_pending(c->ssl) || SSL_has_pending(c->ssl);
- #else
-         pending=SSL_pending(c->ssl);
-diff --git a/src/ctx.c b/src/ctx.c
-index b3dc684..0186968 100644
---- a/src/ctx.c
-+++ b/src/ctx.c
-@@ -91,7 +91,7 @@ NOEXPORT void set_prompt(const char *);
- NOEXPORT int ui_retry();
- 
- /* session tickets */
--#if OPENSSL_VERSION_NUMBER >= 0x10101000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT int generate_session_ticket_cb(SSL *, void *);
- NOEXPORT int decrypt_session_ticket_cb(SSL *, SSL_SESSION *,
-     const unsigned char *, size_t, SSL_TICKET_STATUS, void *);
-@@ -125,7 +125,7 @@ NOEXPORT void sslerror_log(unsigned long, const char *, int, char *);
- 
- /**************************************** initialize section->ctx */
- 
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- typedef long unsigned SSL_OPTIONS_TYPE;
- #else
- typedef long SSL_OPTIONS_TYPE;
-@@ -133,7 +133,7 @@ typedef long SSL_OPTIONS_TYPE;
- 
- int context_init(SERVICE_OPTIONS *section) { /* init TLS context */
-     /* create TLS context */
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-     if(section->option.client)
-         section->ctx=SSL_CTX_new(TLS_client_method());
-     else /* server mode */
-@@ -229,7 +229,7 @@ int context_init(SERVICE_OPTIONS *section) { /* init TLS context */
- #endif
- 
-     /* setup session tickets */
--#if OPENSSL_VERSION_NUMBER >= 0x10101000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
-     SSL_CTX_set_session_ticket_cb(section->ctx, generate_session_ticket_cb,
-         decrypt_session_ticket_cb, NULL);
- #endif /* OpenSSL 1.1.1 or later */
-@@ -483,7 +483,7 @@ NOEXPORT int ecdh_init(SERVICE_OPTIONS *section) {
- /**************************************** initialize OpenSSL CONF */
- 
- NOEXPORT int conf_init(SERVICE_OPTIONS *section) {
--#if OPENSSL_VERSION_NUMBER>=0x10002000L
-+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
-     SSL_CONF_CTX *cctx;
-     NAME_LIST *curr;
-     char *cmd, *param;
-@@ -969,7 +969,7 @@ NOEXPORT int ui_retry() {
- 
- /**************************************** session tickets */
- 
--#if OPENSSL_VERSION_NUMBER >= 0x10101000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
- 
- typedef struct {
-     void *session_authenticated;
-@@ -1412,7 +1412,7 @@ NOEXPORT void info_callback(const SSL *ssl, int where, int ret) {
- 
-     c=SSL_get_ex_data((SSL *)ssl, index_ssl_cli);
-     if(c) {
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-         OSSL_HANDSHAKE_STATE state=SSL_get_state(ssl);
- #else
-         int state=SSL_get_state((SSL *)ssl);
-diff --git a/src/options.c b/src/options.c
-index c7bd5c5..5441b80 100644
---- a/src/options.c
-+++ b/src/options.c
-@@ -81,7 +81,7 @@ NOEXPORT char *sni_init(SERVICE_OPTIONS *);
- NOEXPORT void sni_free(SERVICE_OPTIONS *);
- #endif /* !defined(OPENSSL_NO_TLSEXT) */
- 
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT int str_to_proto_version(const char *);
- #else /* OPENSSL_VERSION_NUMBER<0x10100000L */
- NOEXPORT char *tls_methods_set(SERVICE_OPTIONS *, const char *);
-@@ -3098,7 +3098,7 @@ NOEXPORT char *parse_service_option(CMD cmd, SERVICE_OPTIONS **section_ptr,
-         break;
-     }
- 
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- 
-     /* sslVersion */
-     switch(cmd) {
-@@ -3671,7 +3671,7 @@ NOEXPORT void sni_free(SERVICE_OPTIONS *section) {
- 
- /**************************************** modern TLS version handling */
- 
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- 
- NOEXPORT int str_to_proto_version(const char *name) {
-     if(!strcasecmp(name, "all"))
-diff --git a/src/prototypes.h b/src/prototypes.h
-index 4a5d9af..057d3b9 100644
---- a/src/prototypes.h
-+++ b/src/prototypes.h
-@@ -226,7 +226,7 @@ typedef struct service_options_struct {
- #if OPENSSL_VERSION_NUMBER>=0x009080dfL
-     long unsigned ssl_options_clear;
- #endif /* OpenSSL 0.9.8m or later */
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-     int min_proto_version, max_proto_version;
- #else /* OPENSSL_VERSION_NUMBER<0x10100000L */
-     SSL_METHOD *client_method, *server_method;
-@@ -666,7 +666,7 @@ int getnameinfo(const struct sockaddr *, socklen_t,
- #define USE_OS_THREADS
- #endif
- 
--#if OPENSSL_VERSION_NUMBER<0x10100004L
-+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
- 
- #ifdef USE_OS_THREADS
- 
-@@ -714,7 +714,7 @@ typedef enum {
- 
- extern CRYPTO_RWLOCK *stunnel_locks[STUNNEL_LOCKS];
- 
--#if OPENSSL_VERSION_NUMBER<0x10100004L
-+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
- /* Emulate the OpenSSL 1.1 locking API for older OpenSSL versions */
- CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void);
- int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *);
-diff --git a/src/ssl.c b/src/ssl.c
-index 60e31c1..10b0658 100644
---- a/src/ssl.c
-+++ b/src/ssl.c
-@@ -39,7 +39,7 @@
- #include "prototypes.h"
- 
-     /* global OpenSSL initialization: compression, engine, entropy */
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT int cb_dup_addr(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
-     void *from_d, int idx, long argl, void *argp);
- #else
-@@ -114,7 +114,7 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
- #endif
- #endif
- 
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT int cb_dup_addr(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
-         void *from_d, int idx, long argl, void *argp) {
- #else
-@@ -177,7 +177,7 @@ int ssl_configure(GLOBAL_OPTIONS *global) { /* configure global TLS settings */
- 
- #ifndef OPENSSL_NO_COMP
- 
--#if OPENSSL_VERSION_NUMBER<0x10100000L
-+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 
- NOEXPORT int COMP_get_type(const COMP_METHOD *meth) {
-     return meth->type;
-diff --git a/src/sthreads.c b/src/sthreads.c
-index 37a1398..750e312 100644
---- a/src/sthreads.c
-+++ b/src/sthreads.c
-@@ -97,14 +97,16 @@ unsigned long stunnel_thread_id(void) {
- 
- #endif /* USE_WIN32 */
- 
--#if OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100004L
-+#if (OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100004L) || \
-+    defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT void threadid_func(CRYPTO_THREADID *tid) {
-     CRYPTO_THREADID_set_numeric(tid, stunnel_thread_id());
- }
- #endif
- 
- void thread_id_init(void) {
--#if OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100000L
-+#if (OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100000L) || \
-+    defined(LIBRESSL_VERSION_NUMBER)
-     CRYPTO_THREADID_set_callback(threadid_func);
- #endif
- #if OPENSSL_VERSION_NUMBER<0x10000000L || !defined(OPENSSL_NO_DEPRECATED)
-@@ -115,7 +117,7 @@ void thread_id_init(void) {
- /**************************************** locking */
- 
- /* we only need to initialize locking with OpenSSL older than 1.1.0 */
--#if OPENSSL_VERSION_NUMBER<0x10100004L
-+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
- 
- #ifdef USE_PTHREAD
- 
-@@ -224,7 +226,7 @@ NOEXPORT int s_atomic_add(int *val, int amount, CRYPTO_RWLOCK *lock) {
- 
- CRYPTO_RWLOCK *stunnel_locks[STUNNEL_LOCKS];
- 
--#if OPENSSL_VERSION_NUMBER<0x10100004L
-+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
- 
- #ifdef USE_OS_THREADS
- 
-@@ -334,7 +336,8 @@ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock) {
- 
- void locking_init(void) {
-     size_t i;
--#if defined(USE_OS_THREADS) && OPENSSL_VERSION_NUMBER<0x10100004L
-+#if defined(USE_OS_THREADS) && \
-+    (OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER))
-     size_t num;
- 
-     /* initialize the OpenSSL static locking */
-diff --git a/src/tls.c b/src/tls.c
-index 6c92b96..5e60a95 100644
---- a/src/tls.c
-+++ b/src/tls.c
-@@ -41,7 +41,7 @@
- volatile int tls_initialized=0;
- 
- NOEXPORT void tls_platform_init();
--#if OPENSSL_VERSION_NUMBER<0x10100000L
-+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT void free_function(void *);
- #endif
- 
-@@ -52,7 +52,7 @@ void tls_init() {
-     tls_platform_init();
-     tls_initialized=1;
-     ui_tls=tls_alloc(NULL, NULL, "ui");
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-     CRYPTO_set_mem_functions(str_alloc_detached_debug,
-         str_realloc_detached_debug, str_free_debug);
- #else
-@@ -184,7 +184,7 @@ TLS_DATA *tls_get() {
- 
- /**************************************** OpenSSL allocator hook */
- 
--#if OPENSSL_VERSION_NUMBER<0x10100000L
-+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT void free_function(void *ptr) {
-     /* CRYPTO_set_mem_ex_functions() needs a function rather than a macro */
-     /* unfortunately, OpenSSL provides no file:line information here */
-diff --git a/src/verify.c b/src/verify.c
-index acdfb5b..d7b7655 100644
---- a/src/verify.c
-+++ b/src/verify.c
-@@ -346,7 +346,7 @@ NOEXPORT int cert_check_local(X509_STORE_CTX *callback_ctx) {
-     cert=X509_STORE_CTX_get_current_cert(callback_ctx);
-     subject=X509_get_subject_name(cert);
- 
--#if OPENSSL_VERSION_NUMBER<0x10100006L
-+#if OPENSSL_VERSION_NUMBER<0x10100006L || defined(LIBRESSL_VERSION_NUMBER)
- #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs
- #endif
-     /* modern API allows retrieving multiple matching certificates */
diff --git a/net-misc/stunnel/files/stunnel-5.54-libressl.patch b/net-misc/stunnel/files/stunnel-5.54-libressl.patch
deleted file mode 100644
index 1965f47bca2d..000000000000
--- a/net-misc/stunnel/files/stunnel-5.54-libressl.patch
+++ /dev/null
@@ -1,313 +0,0 @@
-diff --git a/src/client.c b/src/client.c
-index 21fa273..e500d62 100644
---- a/src/client.c
-+++ b/src/client.c
-@@ -657,7 +657,7 @@ NOEXPORT void print_cipher(CLI *c) { /* print negotiated cipher */
- NOEXPORT void transfer(CLI *c) {
-     int timeout; /* s_poll_wait timeout in seconds */
-     int pending; /* either processed on unprocessed TLS data */
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-     int has_pending=0, prev_has_pending;
- #endif
-     int watchdog=0; /* a counter to detect an infinite loop */
-@@ -705,7 +705,7 @@ NOEXPORT void transfer(CLI *c) {
- 
-         /****************************** wait for an event */
-         pending=SSL_pending(c->ssl);
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-         /* only attempt to process SSL_has_pending() data once */
-         prev_has_pending=has_pending;
-         has_pending=SSL_has_pending(c->ssl);
-@@ -1109,7 +1109,7 @@ NOEXPORT void transfer(CLI *c) {
-             s_log(LOG_ERR,
-                 "please report the problem to Michal.Trojnara@stunnel.org");
-             stunnel_info(LOG_ERR);
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-             s_log(LOG_ERR, "protocol=%s, SSL_pending=%d, SSL_has_pending=%d",
-                 SSL_get_version(c->ssl),
-                 SSL_pending(c->ssl), SSL_has_pending(c->ssl));
-diff --git a/src/ctx.c b/src/ctx.c
-index 01119f3..b73fdcb 100644
---- a/src/ctx.c
-+++ b/src/ctx.c
-@@ -91,7 +91,7 @@ NOEXPORT void set_prompt(const char *);
- NOEXPORT int ui_retry();
- 
- /* session tickets */
--#if OPENSSL_VERSION_NUMBER >= 0x10101000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT int generate_session_ticket_cb(SSL *, void *);
- NOEXPORT int decrypt_session_ticket_cb(SSL *, SSL_SESSION *,
-     const unsigned char *, size_t, SSL_TICKET_STATUS, void *);
-@@ -130,7 +130,7 @@ NOEXPORT void sslerror_log(unsigned long, const char *, int, char *);
- 
- /**************************************** initialize section->ctx */
- 
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- typedef long unsigned SSL_OPTIONS_TYPE;
- #else
- typedef long SSL_OPTIONS_TYPE;
-@@ -138,7 +138,7 @@ typedef long SSL_OPTIONS_TYPE;
- 
- int context_init(SERVICE_OPTIONS *section) { /* init TLS context */
-     /* create TLS context */
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-     if(section->option.client)
-         section->ctx=SSL_CTX_new(TLS_client_method());
-     else /* server mode */
-@@ -234,7 +234,7 @@ int context_init(SERVICE_OPTIONS *section) { /* init TLS context */
- #endif
- 
-     /* setup session tickets */
--#if OPENSSL_VERSION_NUMBER >= 0x10101000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
-     SSL_CTX_set_session_ticket_cb(section->ctx, generate_session_ticket_cb,
-         decrypt_session_ticket_cb, NULL);
- #endif /* OpenSSL 1.1.1 or later */
-@@ -493,7 +493,7 @@ NOEXPORT int ecdh_init(SERVICE_OPTIONS *section) {
- /**************************************** initialize OpenSSL CONF */
- 
- NOEXPORT int conf_init(SERVICE_OPTIONS *section) {
--#if OPENSSL_VERSION_NUMBER>=0x10002000L
-+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
-     SSL_CONF_CTX *cctx;
-     NAME_LIST *curr;
-     char *cmd, *param;
-@@ -979,7 +979,7 @@ NOEXPORT int ui_retry() {
- 
- /**************************************** session tickets */
- 
--#if OPENSSL_VERSION_NUMBER >= 0x10101000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
- 
- typedef struct {
-     void *session_authenticated;
-@@ -1470,7 +1470,7 @@ NOEXPORT void info_callback(const SSL *ssl, int where, int ret) {
- 
-     c=SSL_get_ex_data((SSL *)ssl, index_ssl_cli);
-     if(c) {
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-         OSSL_HANDSHAKE_STATE state=SSL_get_state(ssl);
- #else
-         int state=SSL_get_state((SSL *)ssl);
-diff --git a/src/options.c b/src/options.c
-index 670adbe..a10cecd 100644
---- a/src/options.c
-+++ b/src/options.c
-@@ -81,7 +81,7 @@ NOEXPORT char *sni_init(SERVICE_OPTIONS *);
- NOEXPORT void sni_free(SERVICE_OPTIONS *);
- #endif /* !defined(OPENSSL_NO_TLSEXT) */
- 
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT int str_to_proto_version(const char *);
- #else /* OPENSSL_VERSION_NUMBER<0x10100000L */
- NOEXPORT char *tls_methods_set(SERVICE_OPTIONS *, const char *);
-@@ -96,7 +96,7 @@ NOEXPORT PSK_KEYS *psk_dup(PSK_KEYS *);
- NOEXPORT void psk_free(PSK_KEYS *);
- #endif /* !defined(OPENSSL_NO_PSK) */
- 
--#if OPENSSL_VERSION_NUMBER>=0x10000000L
-+#if OPENSSL_VERSION_NUMBER>=0x10000000L && !defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT TICKET_KEY *key_read(char *, char *);
- NOEXPORT TICKET_KEY *key_dup(TICKET_KEY *);
- NOEXPORT void key_free(TICKET_KEY *);
-@@ -3104,7 +3104,7 @@ NOEXPORT char *parse_service_option(CMD cmd, SERVICE_OPTIONS **section_ptr,
-         break;
-     }
- 
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- 
-     /* sslVersion */
-     switch(cmd) {
-@@ -3273,7 +3273,7 @@ NOEXPORT char *parse_service_option(CMD cmd, SERVICE_OPTIONS **section_ptr,
-     }
- #endif
- 
--#if OPENSSL_VERSION_NUMBER>=0x10000000L
-+#if OPENSSL_VERSION_NUMBER>=0x10000000L && !defined(LIBRESSL_VERSION_NUMBER)
- 
-     /* ticketKeySecret */
-     switch(cmd) {
-@@ -3755,7 +3755,7 @@ NOEXPORT void sni_free(SERVICE_OPTIONS *section) {
- 
- /**************************************** modern TLS version handling */
- 
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- 
- NOEXPORT int str_to_proto_version(const char *name) {
-     if(!strcasecmp(name, "all"))
-@@ -4079,7 +4079,7 @@ NOEXPORT void psk_free(PSK_KEYS *head) {
- 
- /**************************************** read ticket key */
- 
--#if OPENSSL_VERSION_NUMBER>=0x10000000L
-+#if OPENSSL_VERSION_NUMBER>=0x10000000L && !defined(LIBRESSL_VERSION_NUMBER)
- 
- NOEXPORT TICKET_KEY *key_read(char *arg, char *option) {
-     char *key_str;
-diff --git a/src/prototypes.h b/src/prototypes.h
-index ebd413c..edd4341 100644
---- a/src/prototypes.h
-+++ b/src/prototypes.h
-@@ -244,7 +244,7 @@ typedef struct service_options_struct {
- #if OPENSSL_VERSION_NUMBER>=0x009080dfL
-     long unsigned ssl_options_clear;
- #endif /* OpenSSL 0.9.8m or later */
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-     int min_proto_version, max_proto_version;
- #else /* OPENSSL_VERSION_NUMBER<0x10100000L */
-     SSL_METHOD *client_method, *server_method;
-@@ -706,7 +706,7 @@ int getnameinfo(const struct sockaddr *, socklen_t,
- extern CLI *thread_head;
- #endif
- 
--#if OPENSSL_VERSION_NUMBER<0x10100004L
-+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
- 
- #ifdef USE_OS_THREADS
- 
-@@ -755,7 +755,7 @@ typedef enum {
- 
- extern CRYPTO_RWLOCK *stunnel_locks[STUNNEL_LOCKS];
- 
--#if OPENSSL_VERSION_NUMBER<0x10100004L
-+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
- /* Emulate the OpenSSL 1.1 locking API for older OpenSSL versions */
- CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void);
- int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *);
-diff --git a/src/ssl.c b/src/ssl.c
-index 60e31c1..10b0658 100644
---- a/src/ssl.c
-+++ b/src/ssl.c
-@@ -39,7 +39,7 @@
- #include "prototypes.h"
- 
-     /* global OpenSSL initialization: compression, engine, entropy */
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT int cb_dup_addr(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
-     void *from_d, int idx, long argl, void *argp);
- #else
-@@ -114,7 +114,7 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
- #endif
- #endif
- 
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT int cb_dup_addr(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
-         void *from_d, int idx, long argl, void *argp) {
- #else
-@@ -177,7 +177,7 @@ int ssl_configure(GLOBAL_OPTIONS *global) { /* configure global TLS settings */
- 
- #ifndef OPENSSL_NO_COMP
- 
--#if OPENSSL_VERSION_NUMBER<0x10100000L
-+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 
- NOEXPORT int COMP_get_type(const COMP_METHOD *meth) {
-     return meth->type;
-diff --git a/src/sthreads.c b/src/sthreads.c
-index dc2cd43..7a01f2e 100644
---- a/src/sthreads.c
-+++ b/src/sthreads.c
-@@ -102,14 +102,16 @@ unsigned long stunnel_thread_id(void) {
- 
- #endif /* USE_WIN32 */
- 
--#if OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100004L
-+#if (OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100004L) || \
-+    defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT void threadid_func(CRYPTO_THREADID *tid) {
-     CRYPTO_THREADID_set_numeric(tid, stunnel_thread_id());
- }
- #endif
- 
- void thread_id_init(void) {
--#if OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100000L
-+#if (OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100000L) || \
-+    defined(LIBRESSL_VERSION_NUMBER)
-     CRYPTO_THREADID_set_callback(threadid_func);
- #endif
- #if OPENSSL_VERSION_NUMBER<0x10000000L || !defined(OPENSSL_NO_DEPRECATED)
-@@ -120,7 +122,7 @@ void thread_id_init(void) {
- /**************************************** locking */
- 
- /* we only need to initialize locking with OpenSSL older than 1.1.0 */
--#if OPENSSL_VERSION_NUMBER<0x10100004L
-+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
- 
- #ifdef USE_PTHREAD
- 
-@@ -229,7 +231,7 @@ NOEXPORT int s_atomic_add(int *val, int amount, CRYPTO_RWLOCK *lock) {
- 
- CRYPTO_RWLOCK *stunnel_locks[STUNNEL_LOCKS];
- 
--#if OPENSSL_VERSION_NUMBER<0x10100004L
-+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
- 
- #ifdef USE_OS_THREADS
- 
-@@ -339,7 +341,8 @@ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock) {
- 
- void locking_init(void) {
-     size_t i;
--#if defined(USE_OS_THREADS) && OPENSSL_VERSION_NUMBER<0x10100004L
-+#if defined(USE_OS_THREADS) && \
-+    (OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER))
-     size_t num;
- 
-     /* initialize the OpenSSL static locking */
-diff --git a/src/tls.c b/src/tls.c
-index 6c92b96..5e60a95 100644
---- a/src/tls.c
-+++ b/src/tls.c
-@@ -41,7 +41,7 @@
- volatile int tls_initialized=0;
- 
- NOEXPORT void tls_platform_init();
--#if OPENSSL_VERSION_NUMBER<0x10100000L
-+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT void free_function(void *);
- #endif
- 
-@@ -52,7 +52,7 @@ void tls_init() {
-     tls_platform_init();
-     tls_initialized=1;
-     ui_tls=tls_alloc(NULL, NULL, "ui");
--#if OPENSSL_VERSION_NUMBER>=0x10100000L
-+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-     CRYPTO_set_mem_functions(str_alloc_detached_debug,
-         str_realloc_detached_debug, str_free_debug);
- #else
-@@ -184,7 +184,7 @@ TLS_DATA *tls_get() {
- 
- /**************************************** OpenSSL allocator hook */
- 
--#if OPENSSL_VERSION_NUMBER<0x10100000L
-+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- NOEXPORT void free_function(void *ptr) {
-     /* CRYPTO_set_mem_ex_functions() needs a function rather than a macro */
-     /* unfortunately, OpenSSL provides no file:line information here */
-diff --git a/src/verify.c b/src/verify.c
-index 1d1eccb..dfd9bff 100644
---- a/src/verify.c
-+++ b/src/verify.c
-@@ -346,7 +346,7 @@ NOEXPORT int cert_check_local(X509_STORE_CTX *callback_ctx) {
-     cert=X509_STORE_CTX_get_current_cert(callback_ctx);
-     subject=X509_get_subject_name(cert);
- 
--#if OPENSSL_VERSION_NUMBER<0x10100006L
-+#if OPENSSL_VERSION_NUMBER<0x10100006L || defined(LIBRESSL_VERSION_NUMBER)
- #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs
- #endif
-     /* modern API allows retrieving multiple matching certificates */
diff --git a/net-misc/stunnel/stunnel-5.56.ebuild b/net-misc/stunnel/stunnel-5.56-r1.ebuild
index 4ad962ee6aa9..667f8f567387 100644
--- a/net-misc/stunnel/stunnel-5.56.ebuild
+++ b/net-misc/stunnel/stunnel-5.56-r1.ebuild
@@ -3,7 +3,7 @@
 
 EAPI="7"
 
-inherit ssl-cert multilib systemd user
+inherit ssl-cert multilib systemd
 
 DESCRIPTION="TLS/SSL - Port Wrapper"
 HOMEPAGE="http://www.stunnel.org/index.html"
@@ -22,17 +22,15 @@ IUSE="ipv6 selinux stunnel3 tcpd"
 
 DEPEND="dev-libs/openssl:0=
 	tcpd? ( sys-apps/tcp-wrappers )"
-RDEPEND="${DEPEND}
+RDEPEND="
+	acct-user/stunnel
+	acct-group/stunnel
+	${DEPEND}
 	stunnel3? ( dev-lang/perl )
 	selinux? ( sec-policy/selinux-stunnel )"
 
 RESTRICT="test"
 
-pkg_setup() {
-	enewgroup stunnel
-	enewuser stunnel -1 -1 -1 stunnel
-}
-
 src_prepare() {
 	# Hack away generation of certificate
 	sed -i -e "s/^install-data-local:/do-not-run-this:/" \
author	V3n3RiX <venerix@redcorelinux.org>	2020-01-15 15:51:32 +0000
committer	V3n3RiX <venerix@redcorelinux.org>	2020-01-15 15:51:32 +0000
commit	21435953e16cda318a82334ddbadb3b5c36d9ea7 (patch)
tree	e1810a4b135afce04b34862ef0fab2bfaeb8aeca /net-misc/stunnel
parent	7bc9c63c9da678a7e6fceb095d56c634afd22c56 (diff)