From 71bc00c87bba1ce31de0dac6c3b7fd1aee6917fc Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 14 Jul 2018 20:52:04 +0100 Subject: gentoo resync : 14.07.2018 --- .../files/stunnel-5.48-compat-libressl.patch | 114 +++++++++++++++++++++ 1 file changed, 114 insertions(+) create mode 100644 net-misc/stunnel/files/stunnel-5.48-compat-libressl.patch (limited to 'net-misc/stunnel/files') diff --git a/net-misc/stunnel/files/stunnel-5.48-compat-libressl.patch b/net-misc/stunnel/files/stunnel-5.48-compat-libressl.patch new file mode 100644 index 000000000000..3161b1581b1a --- /dev/null +++ b/net-misc/stunnel/files/stunnel-5.48-compat-libressl.patch @@ -0,0 +1,114 @@ +diff -Naur stunnel-5.48.orig/src/common.h stunnel-5.48/src/common.h +--- stunnel-5.48.orig/src/common.h 2018-06-08 13:30:15.000000000 -0400 ++++ stunnel-5.48/src/common.h 2018-07-08 22:23:00.527131463 -0400 +@@ -446,7 +446,7 @@ + #define OPENSSL_NO_TLS1_2 + #endif /* OpenSSL older than 1.0.1 || defined(OPENSSL_NO_TLS1) */ + +-#if OPENSSL_VERSION_NUMBER>=0x10100000L ++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + #ifndef OPENSSL_NO_SSL2 + #define OPENSSL_NO_SSL2 + #endif /* !defined(OPENSSL_NO_SSL2) */ +@@ -473,7 +473,7 @@ + #include + #ifndef OPENSSL_NO_DH + #include +-#if OPENSSL_VERSION_NUMBER<0x10100000L ++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); + #endif /* OpenSSL older than 1.1.0 */ + #endif /* !defined(OPENSSL_NO_DH) */ +diff -Naur stunnel-5.48.orig/src/ctx.c stunnel-5.48/src/ctx.c +--- stunnel-5.48.orig/src/ctx.c 2018-07-02 17:30:10.000000000 -0400 ++++ stunnel-5.48/src/ctx.c 2018-07-08 22:23:00.527131463 -0400 +@@ -311,7 +311,7 @@ + + #ifndef OPENSSL_NO_DH + +-#if OPENSSL_VERSION_NUMBER<0x10100000L ++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + NOEXPORT STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx) { + return ctx->cipher_list; + } +@@ -414,7 +414,7 @@ + /**************************************** initialize OpenSSL CONF */ + + NOEXPORT int conf_init(SERVICE_OPTIONS *section) { +-#if OPENSSL_VERSION_NUMBER>=0x10002000L ++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) + SSL_CONF_CTX *cctx; + NAME_LIST *curr; + char *cmd, *param; +diff -Naur stunnel-5.48.orig/src/options.c stunnel-5.48/src/options.c +--- stunnel-5.48.orig/src/options.c 2018-07-02 17:30:26.000000000 -0400 ++++ stunnel-5.48/src/options.c 2018-07-08 22:23:00.527131463 -0400 +@@ -4215,7 +4215,7 @@ + } + #endif + /* engines can add new algorithms */ +-#if OPENSSL_VERSION_NUMBER>=0x10100000L ++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS| + OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); + #else +diff -Naur stunnel-5.48.orig/src/ssl.c stunnel-5.48/src/ssl.c +--- stunnel-5.48.orig/src/ssl.c 2018-04-06 10:25:10.000000000 -0400 ++++ stunnel-5.48/src/ssl.c 2018-07-08 22:23:00.527131463 -0400 +@@ -52,7 +52,7 @@ + int index_session_authenticated, index_session_connect_address; + + int ssl_init(void) { /* init TLS before parsing configuration file */ +-#if OPENSSL_VERSION_NUMBER>=0x10100000L ++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | + OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_LOAD_CONFIG, NULL); + #else +@@ -88,7 +88,7 @@ + } + + #ifndef OPENSSL_NO_DH +-#if OPENSSL_VERSION_NUMBER<0x10100000L ++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + /* this is needed for dhparam.c generated with OpenSSL >= 1.1.0 + * to be linked against the older versions */ + int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) { +diff -Naur stunnel-5.48.orig/src/verify.c stunnel-5.48/src/verify.c +--- stunnel-5.48.orig/src/verify.c 2018-07-02 17:30:10.000000000 -0400 ++++ stunnel-5.48/src/verify.c 2018-07-08 22:23:00.531131344 -0400 +@@ -51,7 +51,7 @@ + NOEXPORT int verify_callback(int, X509_STORE_CTX *); + NOEXPORT int verify_checks(CLI *, int, X509_STORE_CTX *); + NOEXPORT int cert_check(CLI *, X509_STORE_CTX *, int); +-#if OPENSSL_VERSION_NUMBER>=0x10002000L ++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) + NOEXPORT int cert_check_subject(CLI *, X509_STORE_CTX *); + #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */ + NOEXPORT int cert_check_local(X509_STORE_CTX *); +@@ -285,7 +285,7 @@ + } + + if(depth==0) { /* additional peer certificate checks */ +-#if OPENSSL_VERSION_NUMBER>=0x10002000L ++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) + if(!cert_check_subject(c, callback_ctx)) + return 0; /* reject */ + #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */ +@@ -296,7 +296,7 @@ + return 1; /* accept */ + } + +-#if OPENSSL_VERSION_NUMBER>=0x10002000L ++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) + NOEXPORT int cert_check_subject(CLI *c, X509_STORE_CTX *callback_ctx) { + X509 *cert=X509_STORE_CTX_get_current_cert(callback_ctx); + NAME_LIST *ptr; +@@ -346,7 +346,7 @@ + cert=X509_STORE_CTX_get_current_cert(callback_ctx); + subject=X509_get_subject_name(cert); + +-#if OPENSSL_VERSION_NUMBER<0x10100006L ++#if OPENSSL_VERSION_NUMBER<0x10100006L || defined(LIBRESSL_VERSION_NUMBER) + #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs + #endif + /* modern API allows retrieving multiple matching certificates */ -- cgit v1.2.3