From 21435953e16cda318a82334ddbadb3b5c36d9ea7 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Wed, 15 Jan 2020 15:51:32 +0000 Subject: gentoo resync : 15.01.2020 --- net-misc/stunnel/Manifest | 5 +- .../files/stunnel-5.43-compat-libressl.patch | 126 --------- net-misc/stunnel/files/stunnel-5.51-libressl.patch | 268 ------------------ net-misc/stunnel/files/stunnel-5.54-libressl.patch | 313 --------------------- net-misc/stunnel/stunnel-5.56-r1.ebuild | 89 ++++++ net-misc/stunnel/stunnel-5.56.ebuild | 91 ------ 6 files changed, 90 insertions(+), 802 deletions(-) delete mode 100644 net-misc/stunnel/files/stunnel-5.43-compat-libressl.patch delete mode 100644 net-misc/stunnel/files/stunnel-5.51-libressl.patch delete mode 100644 net-misc/stunnel/files/stunnel-5.54-libressl.patch create mode 100644 net-misc/stunnel/stunnel-5.56-r1.ebuild delete mode 100644 net-misc/stunnel/stunnel-5.56.ebuild (limited to 'net-misc/stunnel') diff --git a/net-misc/stunnel/Manifest b/net-misc/stunnel/Manifest index 456145c10608..627b8329e37e 100644 --- a/net-misc/stunnel/Manifest +++ b/net-misc/stunnel/Manifest @@ -1,8 +1,5 @@ AUX stunnel 1259 BLAKE2B f407bcff9249e57c46f641e8b666c187f3279e14d7d28f3565063887d8ef01b8379539fb7bb6a70d00e80809a203dd3a263de6c96012f5357b7e059044f0ca34 SHA512 c35855a20ca29d5277eaa597763db434ec069bc96e91bc7c2bbe3357c72ce792b84f653c59842cd2921cce810005cb79717fa4e728840766aff51656033585d6 -AUX stunnel-5.43-compat-libressl.patch 5328 BLAKE2B 5a014b47e3a314ab2d016ca31fb98d8a4fd613816c38382ece2a9925be217151130fab7d14666aac2602513c1cb0af04742c6a80eb9b8bf51caa46fdc05ad4b1 SHA512 d45e660fc610636dc93b8f696fc378cda4fcf7989f22aecff6394f84bbddfabb70255ebc4a9291a29806b3631767bb64b826c4a9fb2ecfe0ab7e53aebcdc7eb3 AUX stunnel-5.50-libressl.patch 8684 BLAKE2B 6c4b01ec93ba8e8d734dc5489b9eddabb3e655a858c709ed75cea7a38b745d3a281d483ea74d47ae98d3371321fbc9d2776cd470e56eaea0ab6851ec3b203f28 SHA512 802c5ae1c729cdeb72f1d4f53d8216243f5e3e801f964b057a53099ebe9cc67b1e8d09d58475130d5239c9cb5fd8a967a10193d1740daed182b7af43122b19d4 -AUX stunnel-5.51-libressl.patch 10288 BLAKE2B f403d620b6b1341d3934e560d8d7e81fb6567c5076c3c46a34ebafe7136d95e2c9bf0f1d56818384040e0dcf5a1a4e1e10afe29db1f32ff2008cef30b83a8da5 SHA512 d8c8562afeaed5a8843e08d50a5097a4e36a10a014ebe281d8ea0bc563ac5b9bfa9d884f8cf6008b58bf679a7e785d86b331cddcb0bd5e49ed664763d9b3e597 -AUX stunnel-5.54-libressl.patch 12341 BLAKE2B a46445e80f54ce9a912fb7b255600f3598513305485004249f11354312db13cbba8b7aa95a4da0d431ee0bef6e5c049afaa2d14b41d3ac4f222f8cc4ebb8e933 SHA512 1d85b587a36e2d78c0b97fa90829156a7123e860d323010287cee43bd36a803e490313e664e72b44ed54ba5e89a0920d8d8608b6ac269663892610c62f4240b0 AUX stunnel-r1 1437 BLAKE2B 92689cd4ee63920e1064cb96c88795132ee917e7886f9970f125f52d4eabf0fdb2515783c321771ae4e06598dca7e54f9b8131523c14dea7efa2769e0de0ed4b SHA512 6ccb1735770a4662e6fcb02bb7d0329cbed9aec16fc410f9d0f34f1a13dc5c9767eceafa406c55cca23b364c87c033bf5349d267838bbd5c560aaeec17ccd92c AUX stunnel.conf 1419 BLAKE2B 868f91060c0e43ded7eb6ae0c3734eaa1670caabb3b649cc552699a219a98b58374aa8864ef0d79d31e39185c8f3c35b3584f2c09218fff965966554e5335370 SHA512 4f76fd92eaf7fe878f7566a29ded673e7054edb8d7efeca8aad8621fdddeed457676d73b896d24466843874bb1b82ad3102cb1de4d24a7ac3597f3bf85d36826 AUX stunnel.tmpfiles.conf 38 BLAKE2B cedd3eccd1964dcc86255fca0e47fe692a2619fbcbc576480adf193192a2218972d07961a3ab4d30f095c308844f25fe71cdf285bde201050be24d4ce0ca80d3 SHA512 8e06ec39547ce5991217e551e563f5d212742afda94da801ec266c632375aae489594d14815fe596319d9881eb5a58e32bf05baa69f3a9d1bae554419f5ac1bb @@ -11,5 +8,5 @@ DIST stunnel-5.55.tar.gz 986873 BLAKE2B feb3a7d80aa2f67e0b8de2cdd2a134947f0715cc DIST stunnel-5.56.tar.gz 981163 BLAKE2B eef5a535165b1346d14e8fdd25ded7f497378bb63ab7d68642c5e1b3db2716c8e46db443146385a192a7e6042adcca295a5b107912e113f3f13f66e7a8d8b00b SHA512 db1be82b80bd5606568c5565f1c9a5710d4f7abca2d89388daa441bc395aaf2be998ac6403c7a17b8af01b89ade825186c20c50f73a809f9d64eca2e1b57a877 EBUILD stunnel-5.50-r1.ebuild 2791 BLAKE2B bcd255a5bb328074fde280a0e089de4a2f008ee025ad10f7807995dcc463918c1a62bcf4c8303aafa8fc0d188d7d5de1cf7bbc816cb4a3b647501d97ca6bb5cf SHA512 cd97d5c1d19f5cc5c85d00c5f5a45315492beaa8bee29f6d4858095ec920768232ecc36ab70adf5aa96cec20dd137a3d8e5a3c97695ce725941805baa511f8b3 EBUILD stunnel-5.55.ebuild 2773 BLAKE2B 410e8651d827f95ebd49c9d1d090beffb738c02a937764deb76afda893359fcad08cea1b867cfa9723af711677008ffa1ef6d178a497b36cbe678df9bda4c6b4 SHA512 66711c72febedd4ac825567bce53c2577c35f494de1d2dd1c12eae56dd0cf70deaef1c57dc332fe4321898fe894302e371b5f13f6b47b7ff9fd617a12795b275 -EBUILD stunnel-5.56.ebuild 2789 BLAKE2B e344d3ccbe579d5a781b2a67dad384f36bf6ab0cc5d3eac2e2ed5b5f0ad6d17d08bee075586df81ad35d79c1678ada18e19f83524eac3f65bb71de6f633bd112 SHA512 6bcf71ff7c426851c6577c2b71af19b2380445182d5abae643c66ee6364cc601b87a23e5a59e14128f77250254165cbd675735f15d90625b752c54654d0ad37f +EBUILD stunnel-5.56-r1.ebuild 2754 BLAKE2B c4a0442bc0c1f6c97d961961b986d3f30c92e8fd9062c3472c6a07f3095efdd5dce7585c10c27f827a6af9b1d1a525361b4d4b9d6a9d44e6c86ddecab1182c13 SHA512 1957ade6544b696fd993b2f94bf57543eadbccfadcf347ef3cb854895df624c3c3c6089dd3339bf12ef043e4c2a9cb0cc4ac1c3b8aeba8fc4331817756b87566 MISC metadata.xml 712 BLAKE2B 2e112f8a1f4fb41bd678a7e845e109923f00c281b5673e87cf2c06e68e8c1ee79e6230150cf911f4c28085ab22dc76eff54c80d201ef2709d5ee58a70f1a0084 SHA512 03c867389e13ef2596e97bc64b47209fe445eb5f4b2012d78f426f5eec96ad8359a735d9fe981109502d297837fa6ad50c43e0fe0b618aa9aed3f30fbd01e362 diff --git a/net-misc/stunnel/files/stunnel-5.43-compat-libressl.patch b/net-misc/stunnel/files/stunnel-5.43-compat-libressl.patch deleted file mode 100644 index 5b015a98b610..000000000000 --- a/net-misc/stunnel/files/stunnel-5.43-compat-libressl.patch +++ /dev/null @@ -1,126 +0,0 @@ -diff -Naur stunnel-5.43.orig/src/common.h stunnel-5.43/src/common.h ---- stunnel-5.43.orig/src/common.h 2017-01-02 14:27:26.000000000 +0000 -+++ stunnel-5.43/src/common.h 2017-11-06 13:42:39.940942240 +0000 -@@ -448,7 +448,7 @@ - #define OPENSSL_NO_TLS1_2 - #endif /* OpenSSL older than 1.0.1 || defined(OPENSSL_NO_TLS1) */ - --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - #ifndef OPENSSL_NO_SSL2 - #define OPENSSL_NO_SSL2 - #endif /* !defined(OPENSSL_NO_SSL2) */ -@@ -474,7 +474,7 @@ - #include - #ifndef OPENSSL_NO_DH - #include --#if OPENSSL_VERSION_NUMBER<0x10100000L -+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); - #endif /* OpenSSL older than 1.1.0 */ - #endif /* !defined(OPENSSL_NO_DH) */ -diff -Naur stunnel-5.43.orig/src/ctx.c stunnel-5.43/src/ctx.c ---- stunnel-5.43.orig/src/ctx.c 2017-08-17 09:18:53.000000000 +0000 -+++ stunnel-5.43/src/ctx.c 2017-11-06 13:47:55.571861529 +0000 -@@ -295,7 +295,7 @@ - - #ifndef OPENSSL_NO_DH - --#if OPENSSL_VERSION_NUMBER<0x10100000L -+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx) { - return ctx->cipher_list; - } -@@ -398,7 +398,7 @@ - /**************************************** initialize OpenSSL CONF */ - - NOEXPORT int conf_init(SERVICE_OPTIONS *section) { --#if OPENSSL_VERSION_NUMBER>=0x10002000L -+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) - SSL_CONF_CTX *cctx; - NAME_LIST *curr; - char *cmd, *param; -diff -Naur stunnel-5.43.orig/src/options.c stunnel-5.43/src/options.c ---- stunnel-5.43.orig/src/options.c 2017-10-16 18:38:47.000000000 +0000 -+++ stunnel-5.43/src/options.c 2017-11-06 13:46:18.630650320 +0000 -@@ -3656,7 +3656,7 @@ - } - #endif - /* engines can add new algorithms */ --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS| - OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); - #else -diff -Naur stunnel-5.43.orig/src/ssl.c stunnel-5.43/src/ssl.c ---- stunnel-5.43.orig/src/ssl.c 2017-10-07 14:23:08.000000000 +0000 -+++ stunnel-5.43/src/ssl.c 2017-11-06 13:42:39.940942240 +0000 -@@ -51,7 +51,7 @@ - int index_session_authenticated, index_session_connect_address; - - int ssl_init(void) { /* init TLS before parsing configuration file */ --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | - OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_LOAD_CONFIG, NULL); - #else -@@ -87,7 +87,7 @@ - } - - #ifndef OPENSSL_NO_DH --#if OPENSSL_VERSION_NUMBER<0x10100000L -+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - /* this is needed for dhparam.c generated with OpenSSL >= 1.1.0 - * to be linked against the older versions */ - int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) { -diff -Naur stunnel-5.43.orig/src/sthreads.c stunnel-5.43/src/sthreads.c ---- stunnel-5.43.orig/src/sthreads.c 2017-08-17 09:18:53.000000000 +0000 -+++ stunnel-5.43/src/sthreads.c 2017-11-06 13:42:39.940942240 +0000 -@@ -216,7 +216,7 @@ - - struct CRYPTO_dynlock_value stunnel_locks[STUNNEL_LOCKS]; - --#if OPENSSL_VERSION_NUMBER<0x10100004L -+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER) - #define CRYPTO_THREAD_lock_new() CRYPTO_get_new_dynlockid() - #endif - -diff -Naur stunnel-5.43.orig/src/verify.c stunnel-5.43/src/verify.c ---- stunnel-5.43.orig/src/verify.c 2017-05-13 09:01:07.000000000 +0000 -+++ stunnel-5.43/src/verify.c 2017-11-06 13:46:56.317566128 +0000 -@@ -51,7 +51,7 @@ - NOEXPORT int verify_callback(int, X509_STORE_CTX *); - NOEXPORT int verify_checks(CLI *, int, X509_STORE_CTX *); - NOEXPORT int cert_check(CLI *, X509_STORE_CTX *, int); --#if OPENSSL_VERSION_NUMBER>=0x10002000L -+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT int cert_check_subject(CLI *, X509_STORE_CTX *); - #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */ - NOEXPORT int cert_check_local(X509_STORE_CTX *); -@@ -285,7 +285,7 @@ - } - - if(depth==0) { /* additional peer certificate checks */ --#if OPENSSL_VERSION_NUMBER>=0x10002000L -+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) - if(!cert_check_subject(c, callback_ctx)) - return 0; /* reject */ - #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */ -@@ -296,7 +296,7 @@ - return 1; /* accept */ - } - --#if OPENSSL_VERSION_NUMBER>=0x10002000L -+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT int cert_check_subject(CLI *c, X509_STORE_CTX *callback_ctx) { - X509 *cert=X509_STORE_CTX_get_current_cert(callback_ctx); - NAME_LIST *ptr; -@@ -353,7 +353,7 @@ - cert=X509_STORE_CTX_get_current_cert(callback_ctx); - subject=X509_get_subject_name(cert); - --#if OPENSSL_VERSION_NUMBER<0x10100006L -+#if OPENSSL_VERSION_NUMBER<0x10100006L || defined(LIBRESSL_VERSION_NUMBER) - #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs - #endif - /* modern API allows retrieving multiple matching certificates */ diff --git a/net-misc/stunnel/files/stunnel-5.51-libressl.patch b/net-misc/stunnel/files/stunnel-5.51-libressl.patch deleted file mode 100644 index 7ca8ace454d8..000000000000 --- a/net-misc/stunnel/files/stunnel-5.51-libressl.patch +++ /dev/null @@ -1,268 +0,0 @@ -diff --git a/src/client.c b/src/client.c -index b67544a..6676529 100644 ---- a/src/client.c -+++ b/src/client.c -@@ -680,7 +680,7 @@ NOEXPORT void transfer(CLI *c) { - } - - /****************************** wait for an event */ --#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - pending=SSL_pending(c->ssl) || SSL_has_pending(c->ssl); - #else - pending=SSL_pending(c->ssl); -diff --git a/src/ctx.c b/src/ctx.c -index b3dc684..0186968 100644 ---- a/src/ctx.c -+++ b/src/ctx.c -@@ -91,7 +91,7 @@ NOEXPORT void set_prompt(const char *); - NOEXPORT int ui_retry(); - - /* session tickets */ --#if OPENSSL_VERSION_NUMBER >= 0x10101000L -+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT int generate_session_ticket_cb(SSL *, void *); - NOEXPORT int decrypt_session_ticket_cb(SSL *, SSL_SESSION *, - const unsigned char *, size_t, SSL_TICKET_STATUS, void *); -@@ -125,7 +125,7 @@ NOEXPORT void sslerror_log(unsigned long, const char *, int, char *); - - /**************************************** initialize section->ctx */ - --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - typedef long unsigned SSL_OPTIONS_TYPE; - #else - typedef long SSL_OPTIONS_TYPE; -@@ -133,7 +133,7 @@ typedef long SSL_OPTIONS_TYPE; - - int context_init(SERVICE_OPTIONS *section) { /* init TLS context */ - /* create TLS context */ --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - if(section->option.client) - section->ctx=SSL_CTX_new(TLS_client_method()); - else /* server mode */ -@@ -229,7 +229,7 @@ int context_init(SERVICE_OPTIONS *section) { /* init TLS context */ - #endif - - /* setup session tickets */ --#if OPENSSL_VERSION_NUMBER >= 0x10101000L -+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER) - SSL_CTX_set_session_ticket_cb(section->ctx, generate_session_ticket_cb, - decrypt_session_ticket_cb, NULL); - #endif /* OpenSSL 1.1.1 or later */ -@@ -483,7 +483,7 @@ NOEXPORT int ecdh_init(SERVICE_OPTIONS *section) { - /**************************************** initialize OpenSSL CONF */ - - NOEXPORT int conf_init(SERVICE_OPTIONS *section) { --#if OPENSSL_VERSION_NUMBER>=0x10002000L -+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) - SSL_CONF_CTX *cctx; - NAME_LIST *curr; - char *cmd, *param; -@@ -969,7 +969,7 @@ NOEXPORT int ui_retry() { - - /**************************************** session tickets */ - --#if OPENSSL_VERSION_NUMBER >= 0x10101000L -+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER) - - typedef struct { - void *session_authenticated; -@@ -1412,7 +1412,7 @@ NOEXPORT void info_callback(const SSL *ssl, int where, int ret) { - - c=SSL_get_ex_data((SSL *)ssl, index_ssl_cli); - if(c) { --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - OSSL_HANDSHAKE_STATE state=SSL_get_state(ssl); - #else - int state=SSL_get_state((SSL *)ssl); -diff --git a/src/options.c b/src/options.c -index c7bd5c5..5441b80 100644 ---- a/src/options.c -+++ b/src/options.c -@@ -81,7 +81,7 @@ NOEXPORT char *sni_init(SERVICE_OPTIONS *); - NOEXPORT void sni_free(SERVICE_OPTIONS *); - #endif /* !defined(OPENSSL_NO_TLSEXT) */ - --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT int str_to_proto_version(const char *); - #else /* OPENSSL_VERSION_NUMBER<0x10100000L */ - NOEXPORT char *tls_methods_set(SERVICE_OPTIONS *, const char *); -@@ -3098,7 +3098,7 @@ NOEXPORT char *parse_service_option(CMD cmd, SERVICE_OPTIONS **section_ptr, - break; - } - --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - - /* sslVersion */ - switch(cmd) { -@@ -3671,7 +3671,7 @@ NOEXPORT void sni_free(SERVICE_OPTIONS *section) { - - /**************************************** modern TLS version handling */ - --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - - NOEXPORT int str_to_proto_version(const char *name) { - if(!strcasecmp(name, "all")) -diff --git a/src/prototypes.h b/src/prototypes.h -index 4a5d9af..057d3b9 100644 ---- a/src/prototypes.h -+++ b/src/prototypes.h -@@ -226,7 +226,7 @@ typedef struct service_options_struct { - #if OPENSSL_VERSION_NUMBER>=0x009080dfL - long unsigned ssl_options_clear; - #endif /* OpenSSL 0.9.8m or later */ --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - int min_proto_version, max_proto_version; - #else /* OPENSSL_VERSION_NUMBER<0x10100000L */ - SSL_METHOD *client_method, *server_method; -@@ -666,7 +666,7 @@ int getnameinfo(const struct sockaddr *, socklen_t, - #define USE_OS_THREADS - #endif - --#if OPENSSL_VERSION_NUMBER<0x10100004L -+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER) - - #ifdef USE_OS_THREADS - -@@ -714,7 +714,7 @@ typedef enum { - - extern CRYPTO_RWLOCK *stunnel_locks[STUNNEL_LOCKS]; - --#if OPENSSL_VERSION_NUMBER<0x10100004L -+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER) - /* Emulate the OpenSSL 1.1 locking API for older OpenSSL versions */ - CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void); - int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *); -diff --git a/src/ssl.c b/src/ssl.c -index 60e31c1..10b0658 100644 ---- a/src/ssl.c -+++ b/src/ssl.c -@@ -39,7 +39,7 @@ - #include "prototypes.h" - - /* global OpenSSL initialization: compression, engine, entropy */ --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT int cb_dup_addr(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from, - void *from_d, int idx, long argl, void *argp); - #else -@@ -114,7 +114,7 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) { - #endif - #endif - --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT int cb_dup_addr(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from, - void *from_d, int idx, long argl, void *argp) { - #else -@@ -177,7 +177,7 @@ int ssl_configure(GLOBAL_OPTIONS *global) { /* configure global TLS settings */ - - #ifndef OPENSSL_NO_COMP - --#if OPENSSL_VERSION_NUMBER<0x10100000L -+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - - NOEXPORT int COMP_get_type(const COMP_METHOD *meth) { - return meth->type; -diff --git a/src/sthreads.c b/src/sthreads.c -index 37a1398..750e312 100644 ---- a/src/sthreads.c -+++ b/src/sthreads.c -@@ -97,14 +97,16 @@ unsigned long stunnel_thread_id(void) { - - #endif /* USE_WIN32 */ - --#if OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100004L -+#if (OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100004L) || \ -+ defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT void threadid_func(CRYPTO_THREADID *tid) { - CRYPTO_THREADID_set_numeric(tid, stunnel_thread_id()); - } - #endif - - void thread_id_init(void) { --#if OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100000L -+#if (OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100000L) || \ -+ defined(LIBRESSL_VERSION_NUMBER) - CRYPTO_THREADID_set_callback(threadid_func); - #endif - #if OPENSSL_VERSION_NUMBER<0x10000000L || !defined(OPENSSL_NO_DEPRECATED) -@@ -115,7 +117,7 @@ void thread_id_init(void) { - /**************************************** locking */ - - /* we only need to initialize locking with OpenSSL older than 1.1.0 */ --#if OPENSSL_VERSION_NUMBER<0x10100004L -+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER) - - #ifdef USE_PTHREAD - -@@ -224,7 +226,7 @@ NOEXPORT int s_atomic_add(int *val, int amount, CRYPTO_RWLOCK *lock) { - - CRYPTO_RWLOCK *stunnel_locks[STUNNEL_LOCKS]; - --#if OPENSSL_VERSION_NUMBER<0x10100004L -+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER) - - #ifdef USE_OS_THREADS - -@@ -334,7 +336,8 @@ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock) { - - void locking_init(void) { - size_t i; --#if defined(USE_OS_THREADS) && OPENSSL_VERSION_NUMBER<0x10100004L -+#if defined(USE_OS_THREADS) && \ -+ (OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)) - size_t num; - - /* initialize the OpenSSL static locking */ -diff --git a/src/tls.c b/src/tls.c -index 6c92b96..5e60a95 100644 ---- a/src/tls.c -+++ b/src/tls.c -@@ -41,7 +41,7 @@ - volatile int tls_initialized=0; - - NOEXPORT void tls_platform_init(); --#if OPENSSL_VERSION_NUMBER<0x10100000L -+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT void free_function(void *); - #endif - -@@ -52,7 +52,7 @@ void tls_init() { - tls_platform_init(); - tls_initialized=1; - ui_tls=tls_alloc(NULL, NULL, "ui"); --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - CRYPTO_set_mem_functions(str_alloc_detached_debug, - str_realloc_detached_debug, str_free_debug); - #else -@@ -184,7 +184,7 @@ TLS_DATA *tls_get() { - - /**************************************** OpenSSL allocator hook */ - --#if OPENSSL_VERSION_NUMBER<0x10100000L -+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT void free_function(void *ptr) { - /* CRYPTO_set_mem_ex_functions() needs a function rather than a macro */ - /* unfortunately, OpenSSL provides no file:line information here */ -diff --git a/src/verify.c b/src/verify.c -index acdfb5b..d7b7655 100644 ---- a/src/verify.c -+++ b/src/verify.c -@@ -346,7 +346,7 @@ NOEXPORT int cert_check_local(X509_STORE_CTX *callback_ctx) { - cert=X509_STORE_CTX_get_current_cert(callback_ctx); - subject=X509_get_subject_name(cert); - --#if OPENSSL_VERSION_NUMBER<0x10100006L -+#if OPENSSL_VERSION_NUMBER<0x10100006L || defined(LIBRESSL_VERSION_NUMBER) - #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs - #endif - /* modern API allows retrieving multiple matching certificates */ diff --git a/net-misc/stunnel/files/stunnel-5.54-libressl.patch b/net-misc/stunnel/files/stunnel-5.54-libressl.patch deleted file mode 100644 index 1965f47bca2d..000000000000 --- a/net-misc/stunnel/files/stunnel-5.54-libressl.patch +++ /dev/null @@ -1,313 +0,0 @@ -diff --git a/src/client.c b/src/client.c -index 21fa273..e500d62 100644 ---- a/src/client.c -+++ b/src/client.c -@@ -657,7 +657,7 @@ NOEXPORT void print_cipher(CLI *c) { /* print negotiated cipher */ - NOEXPORT void transfer(CLI *c) { - int timeout; /* s_poll_wait timeout in seconds */ - int pending; /* either processed on unprocessed TLS data */ --#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - int has_pending=0, prev_has_pending; - #endif - int watchdog=0; /* a counter to detect an infinite loop */ -@@ -705,7 +705,7 @@ NOEXPORT void transfer(CLI *c) { - - /****************************** wait for an event */ - pending=SSL_pending(c->ssl); --#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - /* only attempt to process SSL_has_pending() data once */ - prev_has_pending=has_pending; - has_pending=SSL_has_pending(c->ssl); -@@ -1109,7 +1109,7 @@ NOEXPORT void transfer(CLI *c) { - s_log(LOG_ERR, - "please report the problem to Michal.Trojnara@stunnel.org"); - stunnel_info(LOG_ERR); --#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - s_log(LOG_ERR, "protocol=%s, SSL_pending=%d, SSL_has_pending=%d", - SSL_get_version(c->ssl), - SSL_pending(c->ssl), SSL_has_pending(c->ssl)); -diff --git a/src/ctx.c b/src/ctx.c -index 01119f3..b73fdcb 100644 ---- a/src/ctx.c -+++ b/src/ctx.c -@@ -91,7 +91,7 @@ NOEXPORT void set_prompt(const char *); - NOEXPORT int ui_retry(); - - /* session tickets */ --#if OPENSSL_VERSION_NUMBER >= 0x10101000L -+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT int generate_session_ticket_cb(SSL *, void *); - NOEXPORT int decrypt_session_ticket_cb(SSL *, SSL_SESSION *, - const unsigned char *, size_t, SSL_TICKET_STATUS, void *); -@@ -130,7 +130,7 @@ NOEXPORT void sslerror_log(unsigned long, const char *, int, char *); - - /**************************************** initialize section->ctx */ - --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - typedef long unsigned SSL_OPTIONS_TYPE; - #else - typedef long SSL_OPTIONS_TYPE; -@@ -138,7 +138,7 @@ typedef long SSL_OPTIONS_TYPE; - - int context_init(SERVICE_OPTIONS *section) { /* init TLS context */ - /* create TLS context */ --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - if(section->option.client) - section->ctx=SSL_CTX_new(TLS_client_method()); - else /* server mode */ -@@ -234,7 +234,7 @@ int context_init(SERVICE_OPTIONS *section) { /* init TLS context */ - #endif - - /* setup session tickets */ --#if OPENSSL_VERSION_NUMBER >= 0x10101000L -+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER) - SSL_CTX_set_session_ticket_cb(section->ctx, generate_session_ticket_cb, - decrypt_session_ticket_cb, NULL); - #endif /* OpenSSL 1.1.1 or later */ -@@ -493,7 +493,7 @@ NOEXPORT int ecdh_init(SERVICE_OPTIONS *section) { - /**************************************** initialize OpenSSL CONF */ - - NOEXPORT int conf_init(SERVICE_OPTIONS *section) { --#if OPENSSL_VERSION_NUMBER>=0x10002000L -+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) - SSL_CONF_CTX *cctx; - NAME_LIST *curr; - char *cmd, *param; -@@ -979,7 +979,7 @@ NOEXPORT int ui_retry() { - - /**************************************** session tickets */ - --#if OPENSSL_VERSION_NUMBER >= 0x10101000L -+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER) - - typedef struct { - void *session_authenticated; -@@ -1470,7 +1470,7 @@ NOEXPORT void info_callback(const SSL *ssl, int where, int ret) { - - c=SSL_get_ex_data((SSL *)ssl, index_ssl_cli); - if(c) { --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - OSSL_HANDSHAKE_STATE state=SSL_get_state(ssl); - #else - int state=SSL_get_state((SSL *)ssl); -diff --git a/src/options.c b/src/options.c -index 670adbe..a10cecd 100644 ---- a/src/options.c -+++ b/src/options.c -@@ -81,7 +81,7 @@ NOEXPORT char *sni_init(SERVICE_OPTIONS *); - NOEXPORT void sni_free(SERVICE_OPTIONS *); - #endif /* !defined(OPENSSL_NO_TLSEXT) */ - --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT int str_to_proto_version(const char *); - #else /* OPENSSL_VERSION_NUMBER<0x10100000L */ - NOEXPORT char *tls_methods_set(SERVICE_OPTIONS *, const char *); -@@ -96,7 +96,7 @@ NOEXPORT PSK_KEYS *psk_dup(PSK_KEYS *); - NOEXPORT void psk_free(PSK_KEYS *); - #endif /* !defined(OPENSSL_NO_PSK) */ - --#if OPENSSL_VERSION_NUMBER>=0x10000000L -+#if OPENSSL_VERSION_NUMBER>=0x10000000L && !defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT TICKET_KEY *key_read(char *, char *); - NOEXPORT TICKET_KEY *key_dup(TICKET_KEY *); - NOEXPORT void key_free(TICKET_KEY *); -@@ -3104,7 +3104,7 @@ NOEXPORT char *parse_service_option(CMD cmd, SERVICE_OPTIONS **section_ptr, - break; - } - --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - - /* sslVersion */ - switch(cmd) { -@@ -3273,7 +3273,7 @@ NOEXPORT char *parse_service_option(CMD cmd, SERVICE_OPTIONS **section_ptr, - } - #endif - --#if OPENSSL_VERSION_NUMBER>=0x10000000L -+#if OPENSSL_VERSION_NUMBER>=0x10000000L && !defined(LIBRESSL_VERSION_NUMBER) - - /* ticketKeySecret */ - switch(cmd) { -@@ -3755,7 +3755,7 @@ NOEXPORT void sni_free(SERVICE_OPTIONS *section) { - - /**************************************** modern TLS version handling */ - --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - - NOEXPORT int str_to_proto_version(const char *name) { - if(!strcasecmp(name, "all")) -@@ -4079,7 +4079,7 @@ NOEXPORT void psk_free(PSK_KEYS *head) { - - /**************************************** read ticket key */ - --#if OPENSSL_VERSION_NUMBER>=0x10000000L -+#if OPENSSL_VERSION_NUMBER>=0x10000000L && !defined(LIBRESSL_VERSION_NUMBER) - - NOEXPORT TICKET_KEY *key_read(char *arg, char *option) { - char *key_str; -diff --git a/src/prototypes.h b/src/prototypes.h -index ebd413c..edd4341 100644 ---- a/src/prototypes.h -+++ b/src/prototypes.h -@@ -244,7 +244,7 @@ typedef struct service_options_struct { - #if OPENSSL_VERSION_NUMBER>=0x009080dfL - long unsigned ssl_options_clear; - #endif /* OpenSSL 0.9.8m or later */ --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - int min_proto_version, max_proto_version; - #else /* OPENSSL_VERSION_NUMBER<0x10100000L */ - SSL_METHOD *client_method, *server_method; -@@ -706,7 +706,7 @@ int getnameinfo(const struct sockaddr *, socklen_t, - extern CLI *thread_head; - #endif - --#if OPENSSL_VERSION_NUMBER<0x10100004L -+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER) - - #ifdef USE_OS_THREADS - -@@ -755,7 +755,7 @@ typedef enum { - - extern CRYPTO_RWLOCK *stunnel_locks[STUNNEL_LOCKS]; - --#if OPENSSL_VERSION_NUMBER<0x10100004L -+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER) - /* Emulate the OpenSSL 1.1 locking API for older OpenSSL versions */ - CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void); - int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *); -diff --git a/src/ssl.c b/src/ssl.c -index 60e31c1..10b0658 100644 ---- a/src/ssl.c -+++ b/src/ssl.c -@@ -39,7 +39,7 @@ - #include "prototypes.h" - - /* global OpenSSL initialization: compression, engine, entropy */ --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT int cb_dup_addr(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from, - void *from_d, int idx, long argl, void *argp); - #else -@@ -114,7 +114,7 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) { - #endif - #endif - --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT int cb_dup_addr(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from, - void *from_d, int idx, long argl, void *argp) { - #else -@@ -177,7 +177,7 @@ int ssl_configure(GLOBAL_OPTIONS *global) { /* configure global TLS settings */ - - #ifndef OPENSSL_NO_COMP - --#if OPENSSL_VERSION_NUMBER<0x10100000L -+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - - NOEXPORT int COMP_get_type(const COMP_METHOD *meth) { - return meth->type; -diff --git a/src/sthreads.c b/src/sthreads.c -index dc2cd43..7a01f2e 100644 ---- a/src/sthreads.c -+++ b/src/sthreads.c -@@ -102,14 +102,16 @@ unsigned long stunnel_thread_id(void) { - - #endif /* USE_WIN32 */ - --#if OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100004L -+#if (OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100004L) || \ -+ defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT void threadid_func(CRYPTO_THREADID *tid) { - CRYPTO_THREADID_set_numeric(tid, stunnel_thread_id()); - } - #endif - - void thread_id_init(void) { --#if OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100000L -+#if (OPENSSL_VERSION_NUMBER>=0x10000000L && OPENSSL_VERSION_NUMBER<0x10100000L) || \ -+ defined(LIBRESSL_VERSION_NUMBER) - CRYPTO_THREADID_set_callback(threadid_func); - #endif - #if OPENSSL_VERSION_NUMBER<0x10000000L || !defined(OPENSSL_NO_DEPRECATED) -@@ -120,7 +122,7 @@ void thread_id_init(void) { - /**************************************** locking */ - - /* we only need to initialize locking with OpenSSL older than 1.1.0 */ --#if OPENSSL_VERSION_NUMBER<0x10100004L -+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER) - - #ifdef USE_PTHREAD - -@@ -229,7 +231,7 @@ NOEXPORT int s_atomic_add(int *val, int amount, CRYPTO_RWLOCK *lock) { - - CRYPTO_RWLOCK *stunnel_locks[STUNNEL_LOCKS]; - --#if OPENSSL_VERSION_NUMBER<0x10100004L -+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER) - - #ifdef USE_OS_THREADS - -@@ -339,7 +341,8 @@ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock) { - - void locking_init(void) { - size_t i; --#if defined(USE_OS_THREADS) && OPENSSL_VERSION_NUMBER<0x10100004L -+#if defined(USE_OS_THREADS) && \ -+ (OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)) - size_t num; - - /* initialize the OpenSSL static locking */ -diff --git a/src/tls.c b/src/tls.c -index 6c92b96..5e60a95 100644 ---- a/src/tls.c -+++ b/src/tls.c -@@ -41,7 +41,7 @@ - volatile int tls_initialized=0; - - NOEXPORT void tls_platform_init(); --#if OPENSSL_VERSION_NUMBER<0x10100000L -+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT void free_function(void *); - #endif - -@@ -52,7 +52,7 @@ void tls_init() { - tls_platform_init(); - tls_initialized=1; - ui_tls=tls_alloc(NULL, NULL, "ui"); --#if OPENSSL_VERSION_NUMBER>=0x10100000L -+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - CRYPTO_set_mem_functions(str_alloc_detached_debug, - str_realloc_detached_debug, str_free_debug); - #else -@@ -184,7 +184,7 @@ TLS_DATA *tls_get() { - - /**************************************** OpenSSL allocator hook */ - --#if OPENSSL_VERSION_NUMBER<0x10100000L -+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - NOEXPORT void free_function(void *ptr) { - /* CRYPTO_set_mem_ex_functions() needs a function rather than a macro */ - /* unfortunately, OpenSSL provides no file:line information here */ -diff --git a/src/verify.c b/src/verify.c -index 1d1eccb..dfd9bff 100644 ---- a/src/verify.c -+++ b/src/verify.c -@@ -346,7 +346,7 @@ NOEXPORT int cert_check_local(X509_STORE_CTX *callback_ctx) { - cert=X509_STORE_CTX_get_current_cert(callback_ctx); - subject=X509_get_subject_name(cert); - --#if OPENSSL_VERSION_NUMBER<0x10100006L -+#if OPENSSL_VERSION_NUMBER<0x10100006L || defined(LIBRESSL_VERSION_NUMBER) - #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs - #endif - /* modern API allows retrieving multiple matching certificates */ diff --git a/net-misc/stunnel/stunnel-5.56-r1.ebuild b/net-misc/stunnel/stunnel-5.56-r1.ebuild new file mode 100644 index 000000000000..667f8f567387 --- /dev/null +++ b/net-misc/stunnel/stunnel-5.56-r1.ebuild @@ -0,0 +1,89 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="7" + +inherit ssl-cert multilib systemd + +DESCRIPTION="TLS/SSL - Port Wrapper" +HOMEPAGE="http://www.stunnel.org/index.html" +SRC_URI="ftp://ftp.stunnel.org/stunnel/archive/${PV%%.*}.x/${P}.tar.gz + http://www.usenix.org.uk/mirrors/stunnel/archive/${PV%%.*}.x/${P}.tar.gz + http://ftp.nluug.nl/pub/networking/stunnel/archive/${PV%%.*}.x/${P}.tar.gz + http://www.namesdir.com/mirrors/stunnel/archive/${PV%%.*}.x/${P}.tar.gz + http://stunnel.cybermirror.org/archive/${PV%%.*}.x/${P}.tar.gz + http://mirrors.zerg.biz/stunnel/archive/${PV%%.*}.x/${P}.tar.gz + ftp://mirrors.go-parts.com/stunnel/archive/${PV%%.*}.x/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos" +IUSE="ipv6 selinux stunnel3 tcpd" + +DEPEND="dev-libs/openssl:0= + tcpd? ( sys-apps/tcp-wrappers )" +RDEPEND=" + acct-user/stunnel + acct-group/stunnel + ${DEPEND} + stunnel3? ( dev-lang/perl ) + selinux? ( sec-policy/selinux-stunnel )" + +RESTRICT="test" + +src_prepare() { + # Hack away generation of certificate + sed -i -e "s/^install-data-local:/do-not-run-this:/" \ + tools/Makefile.in || die "sed failed" + + echo "CONFIG_PROTECT=\"/etc/stunnel/stunnel.conf\"" > "${T}"/20stunnel + + eapply_user +} + +src_configure() { + econf \ + --libdir="${EPREFIX}/usr/$(get_libdir)" \ + $(use_enable ipv6) \ + $(use_enable tcpd libwrap) \ + --with-ssl="${EPREFIX}"/usr \ + --disable-fips +} + +src_install() { + emake DESTDIR="${D}" install + rm -rf "${ED}"/usr/share/doc/${PN} + rm -f "${ED}"/etc/stunnel/stunnel.conf-sample \ + "${ED}"/usr/share/man/man8/stunnel.{fr,pl}.8 + use stunnel3 || rm -f "${ED}"/usr/bin/stunnel3 + + # The binary was moved to /usr/bin with 4.21, + # symlink for backwards compatibility + dosym ../bin/stunnel /usr/sbin/stunnel + + dodoc AUTHORS.md BUGS.md CREDITS.md PORTS.md README.md TODO.md + docinto html + dodoc doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \ + tools/importCA.html + + insinto /etc/stunnel + doins "${FILESDIR}"/stunnel.conf + newinitd "${FILESDIR}"/stunnel-r1 stunnel + + doenvd "${T}"/20stunnel + + systemd_dounit "${S}/tools/stunnel.service" + systemd_newtmpfilesd "${FILESDIR}"/stunnel.tmpfiles.conf stunnel.conf +} + +pkg_postinst() { + if [ ! -f "${EROOT}"/etc/stunnel/stunnel.key ]; then + install_cert /etc/stunnel/stunnel + chown stunnel:stunnel "${EROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem} + chmod 0640 "${EROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem} + fi + + einfo "If you want to run multiple instances of stunnel, create a new config" + einfo "file ending with .conf in /etc/stunnel/. **Make sure** you change " + einfo "\'pid= \' with a unique filename." +} diff --git a/net-misc/stunnel/stunnel-5.56.ebuild b/net-misc/stunnel/stunnel-5.56.ebuild deleted file mode 100644 index 4ad962ee6aa9..000000000000 --- a/net-misc/stunnel/stunnel-5.56.ebuild +++ /dev/null @@ -1,91 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" - -inherit ssl-cert multilib systemd user - -DESCRIPTION="TLS/SSL - Port Wrapper" -HOMEPAGE="http://www.stunnel.org/index.html" -SRC_URI="ftp://ftp.stunnel.org/stunnel/archive/${PV%%.*}.x/${P}.tar.gz - http://www.usenix.org.uk/mirrors/stunnel/archive/${PV%%.*}.x/${P}.tar.gz - http://ftp.nluug.nl/pub/networking/stunnel/archive/${PV%%.*}.x/${P}.tar.gz - http://www.namesdir.com/mirrors/stunnel/archive/${PV%%.*}.x/${P}.tar.gz - http://stunnel.cybermirror.org/archive/${PV%%.*}.x/${P}.tar.gz - http://mirrors.zerg.biz/stunnel/archive/${PV%%.*}.x/${P}.tar.gz - ftp://mirrors.go-parts.com/stunnel/archive/${PV%%.*}.x/${P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos" -IUSE="ipv6 selinux stunnel3 tcpd" - -DEPEND="dev-libs/openssl:0= - tcpd? ( sys-apps/tcp-wrappers )" -RDEPEND="${DEPEND} - stunnel3? ( dev-lang/perl ) - selinux? ( sec-policy/selinux-stunnel )" - -RESTRICT="test" - -pkg_setup() { - enewgroup stunnel - enewuser stunnel -1 -1 -1 stunnel -} - -src_prepare() { - # Hack away generation of certificate - sed -i -e "s/^install-data-local:/do-not-run-this:/" \ - tools/Makefile.in || die "sed failed" - - echo "CONFIG_PROTECT=\"/etc/stunnel/stunnel.conf\"" > "${T}"/20stunnel - - eapply_user -} - -src_configure() { - econf \ - --libdir="${EPREFIX}/usr/$(get_libdir)" \ - $(use_enable ipv6) \ - $(use_enable tcpd libwrap) \ - --with-ssl="${EPREFIX}"/usr \ - --disable-fips -} - -src_install() { - emake DESTDIR="${D}" install - rm -rf "${ED}"/usr/share/doc/${PN} - rm -f "${ED}"/etc/stunnel/stunnel.conf-sample \ - "${ED}"/usr/share/man/man8/stunnel.{fr,pl}.8 - use stunnel3 || rm -f "${ED}"/usr/bin/stunnel3 - - # The binary was moved to /usr/bin with 4.21, - # symlink for backwards compatibility - dosym ../bin/stunnel /usr/sbin/stunnel - - dodoc AUTHORS.md BUGS.md CREDITS.md PORTS.md README.md TODO.md - docinto html - dodoc doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \ - tools/importCA.html - - insinto /etc/stunnel - doins "${FILESDIR}"/stunnel.conf - newinitd "${FILESDIR}"/stunnel-r1 stunnel - - doenvd "${T}"/20stunnel - - systemd_dounit "${S}/tools/stunnel.service" - systemd_newtmpfilesd "${FILESDIR}"/stunnel.tmpfiles.conf stunnel.conf -} - -pkg_postinst() { - if [ ! -f "${EROOT}"/etc/stunnel/stunnel.key ]; then - install_cert /etc/stunnel/stunnel - chown stunnel:stunnel "${EROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem} - chmod 0640 "${EROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem} - fi - - einfo "If you want to run multiple instances of stunnel, create a new config" - einfo "file ending with .conf in /etc/stunnel/. **Make sure** you change " - einfo "\'pid= \' with a unique filename." -} -- cgit v1.2.3