From 71bc00c87bba1ce31de0dac6c3b7fd1aee6917fc Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@redcorelinux.org>
Date: Sat, 14 Jul 2018 20:52:04 +0100
Subject: gentoo resync : 14.07.2018

---
 net-misc/stunnel/Manifest                          |   3 +
 .../files/stunnel-5.48-compat-libressl.patch       | 114 +++++++++++++++++++++
 net-misc/stunnel/stunnel-5.48.ebuild               |  95 +++++++++++++++++
 3 files changed, 212 insertions(+)
 create mode 100644 net-misc/stunnel/files/stunnel-5.48-compat-libressl.patch
 create mode 100644 net-misc/stunnel/stunnel-5.48.ebuild

(limited to 'net-misc/stunnel')

diff --git a/net-misc/stunnel/Manifest b/net-misc/stunnel/Manifest
index 38e114ad357b..6cfb85ff05c4 100644
--- a/net-misc/stunnel/Manifest
+++ b/net-misc/stunnel/Manifest
@@ -1,6 +1,7 @@
 AUX stunnel 1259 BLAKE2B f407bcff9249e57c46f641e8b666c187f3279e14d7d28f3565063887d8ef01b8379539fb7bb6a70d00e80809a203dd3a263de6c96012f5357b7e059044f0ca34 SHA512 c35855a20ca29d5277eaa597763db434ec069bc96e91bc7c2bbe3357c72ce792b84f653c59842cd2921cce810005cb79717fa4e728840766aff51656033585d6
 AUX stunnel-5.39-compat-libressl.patch 5329 BLAKE2B b88f615e88940dc091c264b34ef3c71701e120cc907bd438cb6966b1b720fd9dd8b8bcab5235519b0eefaa1576e37cc8b4c9887cf4d6a2330ba5461347f6ded7 SHA512 a6390e1452f0cf7f2867b28ebc36e0b4f9f6ab8985b03f182625d1970a9bbc0228addaa966feb3c0df8925191b73fdaf48e1e65aef68d3d62962fd28760b3578
 AUX stunnel-5.43-compat-libressl.patch 5328 BLAKE2B 5a014b47e3a314ab2d016ca31fb98d8a4fd613816c38382ece2a9925be217151130fab7d14666aac2602513c1cb0af04742c6a80eb9b8bf51caa46fdc05ad4b1 SHA512 d45e660fc610636dc93b8f696fc378cda4fcf7989f22aecff6394f84bbddfabb70255ebc4a9291a29806b3631767bb64b826c4a9fb2ecfe0ab7e53aebcdc7eb3
+AUX stunnel-5.48-compat-libressl.patch 4845 BLAKE2B 0c6bc9059902be43970a78269632dcdbb82a9e07a6cfa8dca6b960f79832953a7d7173097c74a24ccad8c59deca1353887519cfde107b22d10422204bb83e9cf SHA512 b03277b8487fc9cd763c11e0b32c3755dd4aea76ecc21238204d4f27f03b5cfc72ee7ab148aa813a6eb21bb588d8dadc2b0610049175fa1278e799681a946098
 AUX stunnel-compat-libressl.patch 1871 BLAKE2B e7545ae95b173b868fff7159a681497655f8c80c994add9901a752787d2c51728c994ef940f540abc7538585b51ca4de41ddd20e0f929330188ffd2e0d2ded78 SHA512 590f6be1962ef3ca1c8f1c64c02b1e63b7211a2ba5cb5fd4eb09127e45ee5251a7ec701aae3eda25e34caa1977378ad5f7b75e826aee7d9d5ff8b9acbd298f36
 AUX stunnel-r1 1437 BLAKE2B 92689cd4ee63920e1064cb96c88795132ee917e7886f9970f125f52d4eabf0fdb2515783c321771ae4e06598dca7e54f9b8131523c14dea7efa2769e0de0ed4b SHA512 6ccb1735770a4662e6fcb02bb7d0329cbed9aec16fc410f9d0f34f1a13dc5c9767eceafa406c55cca23b364c87c033bf5349d267838bbd5c560aaeec17ccd92c
 AUX stunnel.conf 1419 BLAKE2B 868f91060c0e43ded7eb6ae0c3734eaa1670caabb3b649cc552699a219a98b58374aa8864ef0d79d31e39185c8f3c35b3584f2c09218fff965966554e5335370 SHA512 4f76fd92eaf7fe878f7566a29ded673e7054edb8d7efeca8aad8621fdddeed457676d73b896d24466843874bb1b82ad3102cb1de4d24a7ac3597f3bf85d36826
@@ -11,10 +12,12 @@ DIST stunnel-5.43.tar.gz 698715 BLAKE2B 21ac7014e571e1c22b1b21b6dc5c4f22ec91197c
 DIST stunnel-5.44.tar.gz 699117 BLAKE2B 956c7ce8987f79efab3baaa5071263466ec01f0475bd7e66dff41e8de66811a10be3a5f14bd6430e26159682bd3c2abe93a0d5824a854ae0243e6bbfae14a664 SHA512 a1aa4f234926208bf1b2c9acc0bf83dc0f2c8f575bc57f5ce89b32b4e3fde0412ea0ef7c2edb364fbe0b52fdd89773fab4df53950c58797c11b7668f3e4e7638
 DIST stunnel-5.45.tar.gz 706423 BLAKE2B 81c5355419de3b0bc88d59ea8c98d1a4523d7a1ae6a3d12464f7ab6a1df1f5dd798d2f50ec7adce7515e68a650149321f13e34791781620ad071824246502dce SHA512 653fea6e5002983bb9231a542ab1bab078428821910b8e257adbeea88e583e84d080615f232d5d3086e8d6069c43ddbdfc7923c4b50071ab0c0be547e76d8983
 DIST stunnel-5.46.tar.gz 706499 BLAKE2B 6ece93015b2a59ec17fa60505bccb5e4444879d44fa0cea6e838aa56d178f61f26b8b9b469d8bf2991d4c094fd824eaed2b5214184f6a15e0c415c53b6f7d136 SHA512 2000e36d4d011a83e47afcaf19473e083da010d7b3909cb831c51975512257888615b5d64f4a4d78f48529d68c6740ea2be7f7935b0ab86de4535e290f78cc97
+DIST stunnel-5.48.tar.gz 708356 BLAKE2B 6f4538c5fe6bc00eb0f45edfbf83f1de6cfcd23257aa368dc0ba788dd17af7033ba20f1ab7c3f5bf48a5e2ff3d4048eb1a344d1ea4cebebe69e6e2277aaf19ba SHA512 5e6669ecd6e9b49aa6ef82b9a4dc6a2193c975eef85262aba70c7f264ef1b4d15dc287a2baa94b71be063deddcd07a20a5347ed5280f044fc6f68c61429a24fa
 EBUILD stunnel-5.36.ebuild 2899 BLAKE2B a4c62a1a79157b5b24a8904dacbe45a44b22b53710b44a5bb5c3823e29df666024e8300d82cc6fc5e52a9f8cedad0beaaadc5ee4bec4d366f2544587009c73db SHA512 ffeac1d20a4a83fcda56ae36b81e7a230ae18ad786fdbd51024b0f87b013c9988538cb92d8757869b3337fc78cf25e605fa31fe3d54b437df59c3f1d4a8ec595
 EBUILD stunnel-5.40.ebuild 2930 BLAKE2B b18d32b276cb28e83b8f99b5c495c929c3c6ddff54a7580be3387aa4d5e114feed917bdf4a7faa4136850cdea0ba019fdc3c86fb28268f23f23a125ceb7b896e SHA512 6034f34af01ed21b16474f1ec4a76249d9ee2f14e4312ecf8d7cb75f66f49e9e641328fa4904cc9adec6d9cb480e63187ed9bb9a6263846ef2eaf7a2d8f3eb20
 EBUILD stunnel-5.43.ebuild 2924 BLAKE2B 689f16562224aa5bf7892c048e5037094903621faea7b90820dd77a9d7c0f283200ae2c7dc64e1e501758712344efa7394ecf0f95db707d1d46baa93251658f6 SHA512 e6038fccced6a034a6fe153683deb2ea71dc9f853554a9316f1752c1d124f63467ad4748ec907cde61bb290a9f8ad830023f8d27e385e59f1293648655635644
 EBUILD stunnel-5.44.ebuild 2930 BLAKE2B 2f027288047c1efa62cbcff7869b492422b925576e2f672a851f8c101de4c9a8dbe87d6746050eb5d6115ccaab81c5006b5ee046b3356cf161142c99c6ee6372 SHA512 af327981e004f8a56473fcfa88d8f5027991461a6ffc791db6a840919513dd0e0d3de47828e7a4d6425bef432b76d2d8a05b3a6ab742668e5da4051d44aead7d
 EBUILD stunnel-5.45.ebuild 2930 BLAKE2B 95ade179eb9d81e66ea6fe7523a299c8e6dd58d43867568b8e22d22125f6a6111d1f8b988df153cb438afba2736db811507d87acf0f2b5b00469904c12657f34 SHA512 c8fca15345e1a955af0824d847dc0e06a220da7dcdff9a5144e567f54ea7e6c36a14d74fb407b5981249c3076811e7da2fcb668855cdcbca019aa27e464c9229
 EBUILD stunnel-5.46.ebuild 2930 BLAKE2B 95ade179eb9d81e66ea6fe7523a299c8e6dd58d43867568b8e22d22125f6a6111d1f8b988df153cb438afba2736db811507d87acf0f2b5b00469904c12657f34 SHA512 c8fca15345e1a955af0824d847dc0e06a220da7dcdff9a5144e567f54ea7e6c36a14d74fb407b5981249c3076811e7da2fcb668855cdcbca019aa27e464c9229
+EBUILD stunnel-5.48.ebuild 2930 BLAKE2B 53abfb43b47f4eca2785109e8dcd38ba7d2e112401f49c4481bbc03e2678debd6eb660592f2cecd21f3931317189f5193144fa79eb3c5cb353d4fcee6c9bf525 SHA512 9ba4ca10038b20457a596a416b52a2249a206c78dee0273cde8d0f5dbd8063504119a637fd8845109321608f444906b67360101f09469047e1dc63eeb4eec5f4
 MISC metadata.xml 712 BLAKE2B 2e112f8a1f4fb41bd678a7e845e109923f00c281b5673e87cf2c06e68e8c1ee79e6230150cf911f4c28085ab22dc76eff54c80d201ef2709d5ee58a70f1a0084 SHA512 03c867389e13ef2596e97bc64b47209fe445eb5f4b2012d78f426f5eec96ad8359a735d9fe981109502d297837fa6ad50c43e0fe0b618aa9aed3f30fbd01e362
diff --git a/net-misc/stunnel/files/stunnel-5.48-compat-libressl.patch b/net-misc/stunnel/files/stunnel-5.48-compat-libressl.patch
new file mode 100644
index 000000000000..3161b1581b1a
--- /dev/null
+++ b/net-misc/stunnel/files/stunnel-5.48-compat-libressl.patch
@@ -0,0 +1,114 @@
+diff -Naur stunnel-5.48.orig/src/common.h stunnel-5.48/src/common.h
+--- stunnel-5.48.orig/src/common.h	2018-06-08 13:30:15.000000000 -0400
++++ stunnel-5.48/src/common.h	2018-07-08 22:23:00.527131463 -0400
+@@ -446,7 +446,7 @@
+ #define OPENSSL_NO_TLS1_2
+ #endif /* OpenSSL older than 1.0.1 || defined(OPENSSL_NO_TLS1) */
+ 
+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ #ifndef OPENSSL_NO_SSL2
+ #define OPENSSL_NO_SSL2
+ #endif /* !defined(OPENSSL_NO_SSL2) */
+@@ -473,7 +473,7 @@
+ #include <openssl/des.h>
+ #ifndef OPENSSL_NO_DH
+ #include <openssl/dh.h>
+-#if OPENSSL_VERSION_NUMBER<0x10100000L
++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ #endif /* OpenSSL older than 1.1.0 */
+ #endif /* !defined(OPENSSL_NO_DH) */
+diff -Naur stunnel-5.48.orig/src/ctx.c stunnel-5.48/src/ctx.c
+--- stunnel-5.48.orig/src/ctx.c	2018-07-02 17:30:10.000000000 -0400
++++ stunnel-5.48/src/ctx.c	2018-07-08 22:23:00.527131463 -0400
+@@ -311,7 +311,7 @@
+ 
+ #ifndef OPENSSL_NO_DH
+ 
+-#if OPENSSL_VERSION_NUMBER<0x10100000L
++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ NOEXPORT STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx) {
+     return ctx->cipher_list;
+ }
+@@ -414,7 +414,7 @@
+ /**************************************** initialize OpenSSL CONF */
+ 
+ NOEXPORT int conf_init(SERVICE_OPTIONS *section) {
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+     SSL_CONF_CTX *cctx;
+     NAME_LIST *curr;
+     char *cmd, *param;
+diff -Naur stunnel-5.48.orig/src/options.c stunnel-5.48/src/options.c
+--- stunnel-5.48.orig/src/options.c	2018-07-02 17:30:26.000000000 -0400
++++ stunnel-5.48/src/options.c	2018-07-08 22:23:00.527131463 -0400
+@@ -4215,7 +4215,7 @@
+     }
+ #endif
+     /* engines can add new algorithms */
+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS|
+         OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
+ #else
+diff -Naur stunnel-5.48.orig/src/ssl.c stunnel-5.48/src/ssl.c
+--- stunnel-5.48.orig/src/ssl.c	2018-04-06 10:25:10.000000000 -0400
++++ stunnel-5.48/src/ssl.c	2018-07-08 22:23:00.527131463 -0400
+@@ -52,7 +52,7 @@
+ int index_session_authenticated, index_session_connect_address;
+ 
+ int ssl_init(void) { /* init TLS before parsing configuration file */
+-#if OPENSSL_VERSION_NUMBER>=0x10100000L
++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+     OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS |
+         OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_LOAD_CONFIG, NULL);
+ #else
+@@ -88,7 +88,7 @@
+ }
+ 
+ #ifndef OPENSSL_NO_DH
+-#if OPENSSL_VERSION_NUMBER<0x10100000L
++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ /* this is needed for dhparam.c generated with OpenSSL >= 1.1.0
+  * to be linked against the older versions */
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
+diff -Naur stunnel-5.48.orig/src/verify.c stunnel-5.48/src/verify.c
+--- stunnel-5.48.orig/src/verify.c	2018-07-02 17:30:10.000000000 -0400
++++ stunnel-5.48/src/verify.c	2018-07-08 22:23:00.531131344 -0400
+@@ -51,7 +51,7 @@
+ NOEXPORT int verify_callback(int, X509_STORE_CTX *);
+ NOEXPORT int verify_checks(CLI *, int, X509_STORE_CTX *);
+ NOEXPORT int cert_check(CLI *, X509_STORE_CTX *, int);
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ NOEXPORT int cert_check_subject(CLI *, X509_STORE_CTX *);
+ #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
+ NOEXPORT int cert_check_local(X509_STORE_CTX *);
+@@ -285,7 +285,7 @@
+     }
+ 
+     if(depth==0) { /* additional peer certificate checks */
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+         if(!cert_check_subject(c, callback_ctx))
+             return 0; /* reject */
+ #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
+@@ -296,7 +296,7 @@
+     return 1; /* accept */
+ }
+ 
+-#if OPENSSL_VERSION_NUMBER>=0x10002000L
++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ NOEXPORT int cert_check_subject(CLI *c, X509_STORE_CTX *callback_ctx) {
+     X509 *cert=X509_STORE_CTX_get_current_cert(callback_ctx);
+     NAME_LIST *ptr;
+@@ -346,7 +346,7 @@
+     cert=X509_STORE_CTX_get_current_cert(callback_ctx);
+     subject=X509_get_subject_name(cert);
+ 
+-#if OPENSSL_VERSION_NUMBER<0x10100006L
++#if OPENSSL_VERSION_NUMBER<0x10100006L || defined(LIBRESSL_VERSION_NUMBER)
+ #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs
+ #endif
+     /* modern API allows retrieving multiple matching certificates */
diff --git a/net-misc/stunnel/stunnel-5.48.ebuild b/net-misc/stunnel/stunnel-5.48.ebuild
new file mode 100644
index 000000000000..d7898dbcca06
--- /dev/null
+++ b/net-misc/stunnel/stunnel-5.48.ebuild
@@ -0,0 +1,95 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit ssl-cert multilib systemd user
+
+DESCRIPTION="TLS/SSL - Port Wrapper"
+HOMEPAGE="http://www.stunnel.org/index.html"
+SRC_URI="ftp://ftp.stunnel.org/stunnel/archive/${PV%%.*}.x/${P}.tar.gz
+	http://www.usenix.org.uk/mirrors/stunnel/archive/${PV%%.*}.x/${P}.tar.gz
+	http://ftp.nluug.nl/pub/networking/stunnel/archive/${PV%%.*}.x/${P}.tar.gz
+	http://www.namesdir.com/mirrors/stunnel/archive/${PV%%.*}.x/${P}.tar.gz
+	http://stunnel.cybermirror.org/archive/${PV%%.*}.x/${P}.tar.gz
+	http://mirrors.zerg.biz/stunnel/archive/${PV%%.*}.x/${P}.tar.gz
+	ftp://mirrors.go-parts.com/stunnel/archive/${PV%%.*}.x/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x86-macos"
+IUSE="ipv6 libressl selinux stunnel3 tcpd"
+
+DEPEND="tcpd? ( sys-apps/tcp-wrappers )
+	!libressl? ( dev-libs/openssl:0= )
+	libressl? ( dev-libs/libressl:0= )"
+RDEPEND="${DEPEND}
+	stunnel3? ( dev-lang/perl )
+	selinux? ( sec-policy/selinux-stunnel )"
+
+RESTRICT="test"
+
+pkg_setup() {
+	enewgroup stunnel
+	enewuser stunnel -1 -1 -1 stunnel
+}
+
+src_prepare() {
+	# Hack away generation of certificate
+	sed -i -e "s/^install-data-local:/do-not-run-this:/" \
+		tools/Makefile.in || die "sed failed"
+
+	# libressl compat
+	eapply "${FILESDIR}"/${PN}-5.48-compat-libressl.patch
+
+	echo "CONFIG_PROTECT=\"/etc/stunnel/stunnel.conf\"" > "${T}"/20stunnel
+
+	eapply_user
+}
+
+src_configure() {
+	econf \
+		--libdir="${EPREFIX}/usr/$(get_libdir)" \
+		$(use_enable ipv6) \
+		$(use_enable tcpd libwrap) \
+		--with-ssl="${EPREFIX}"/usr \
+		--disable-fips
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+	rm -rf "${ED}"/usr/share/doc/${PN}
+	rm -f "${ED}"/etc/stunnel/stunnel.conf-sample \
+		"${ED}"/usr/share/man/man8/stunnel.{fr,pl}.8
+	use stunnel3 || rm -f "${ED}"/usr/bin/stunnel3
+
+	# The binary was moved to /usr/bin with 4.21,
+	# symlink for backwards compatibility
+	dosym ../bin/stunnel /usr/sbin/stunnel
+
+	dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog
+	docinto html
+	dodoc doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \
+		tools/importCA.html
+
+	insinto /etc/stunnel
+	doins "${FILESDIR}"/stunnel.conf
+	newinitd "${FILESDIR}"/stunnel-r1 stunnel
+
+	doenvd "${T}"/20stunnel
+
+	systemd_dounit "${S}/tools/stunnel.service"
+	systemd_newtmpfilesd "${FILESDIR}"/stunnel.tmpfiles.conf stunnel.conf
+}
+
+pkg_postinst() {
+	if [ ! -f "${EROOT}"/etc/stunnel/stunnel.key ]; then
+		install_cert /etc/stunnel/stunnel
+		chown stunnel:stunnel "${EROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
+		chmod 0640 "${EROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
+	fi
+
+	einfo "If you want to run multiple instances of stunnel, create a new config"
+	einfo "file ending with .conf in /etc/stunnel/. **Make sure** you change "
+	einfo "\'pid= \' with a unique filename."
+}
-- 
cgit v1.2.3