From 09351e78166b5e864197c4456ebae3f89dd0bed9 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Tue, 22 Jan 2019 10:09:44 +0000 Subject: gentoo resync : 22.01.2019 --- .../files/wpa_supplicant-2.6-libressl.patch | 81 ---------------------- .../files/wpa_supplicant-2.7-libressl.patch | 46 ++++++++++++ 2 files changed, 46 insertions(+), 81 deletions(-) delete mode 100644 net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-libressl.patch create mode 100644 net-wireless/wpa_supplicant/files/wpa_supplicant-2.7-libressl.patch (limited to 'net-wireless/wpa_supplicant/files') diff --git a/net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-libressl.patch b/net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-libressl.patch deleted file mode 100644 index 0394ab545b16..000000000000 --- a/net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-libressl.patch +++ /dev/null @@ -1,81 +0,0 @@ -From d53b107120af86a0c711bac950bfc2fa728cb4e6 Mon Sep 17 00:00:00 2001 -From: Julian Ospald -Date: Fri, 7 Oct 2016 17:45:46 +0200 -Subject: [PATCH] Fix LibreSSL compatibility -Upstream: pending, http://lists.infradead.org/pipermail/hostap/2016-October/036458.html - -This basically just follows -587b0457e0238b7b1800d46f5cdd5e1d2b06732f -with the same pattern, which was missed here. - -Signed-off-by: Julian Ospald ---- - src/crypto/crypto_openssl.c | 4 ++-- - src/crypto/tls_openssl.c | 8 ++++---- - 2 files changed, 6 insertions(+), 6 deletions(-) - -diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c -index 19e0e2b..b3d1b07 100644 ---- a/src/crypto/crypto_openssl.c -+++ b/src/crypto/crypto_openssl.c -@@ -611,7 +611,7 @@ void crypto_cipher_deinit(struct crypto_cipher *ctx) - - void * dh5_init(struct wpabuf **priv, struct wpabuf **publ) - { --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - DH *dh; - struct wpabuf *pubkey = NULL, *privkey = NULL; - size_t publen, privlen; -@@ -712,7 +712,7 @@ err: - - void * dh5_init_fixed(const struct wpabuf *priv, const struct wpabuf *publ) - { --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - DH *dh; - - dh = DH_new(); -diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c -index 23ac64b..a7d4880 100644 ---- a/src/crypto/tls_openssl.c -+++ b/src/crypto/tls_openssl.c -@@ -919,7 +919,7 @@ void * tls_init(const struct tls_config *conf) - } - #endif /* OPENSSL_FIPS */ - #endif /* CONFIG_FIPS */ --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - SSL_load_error_strings(); - SSL_library_init(); - #ifndef OPENSSL_NO_SHA256 -@@ -1043,7 +1043,7 @@ void tls_deinit(void *ssl_ctx) - - tls_openssl_ref_count--; - if (tls_openssl_ref_count == 0) { --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - #ifndef OPENSSL_NO_ENGINE - ENGINE_cleanup(); - #endif /* OPENSSL_NO_ENGINE */ -@@ -2334,7 +2334,7 @@ static int tls_connection_client_cert(struct tls_connection *conn, - return 0; - - #ifdef PKCS12_FUNCS --#if OPENSSL_VERSION_NUMBER < 0x10002000L -+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) - /* - * Clear previously set extra chain certificates, if any, from PKCS#12 - * processing in tls_parse_pkcs12() to allow OpenSSL to build a new -@@ -3976,7 +3976,7 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, - engine_id = "pkcs11"; - - #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - if (params->flags & TLS_CONN_EAP_FAST) { - wpa_printf(MSG_DEBUG, - "OpenSSL: Use TLSv1_method() for EAP-FAST"); --- -2.10.1 - diff --git a/net-wireless/wpa_supplicant/files/wpa_supplicant-2.7-libressl.patch b/net-wireless/wpa_supplicant/files/wpa_supplicant-2.7-libressl.patch new file mode 100644 index 000000000000..45a1cf3701f9 --- /dev/null +++ b/net-wireless/wpa_supplicant/files/wpa_supplicant-2.7-libressl.patch @@ -0,0 +1,46 @@ +From 2643a056bb7d0737f63f42a11c308b2804d9ebe5 Mon Sep 17 00:00:00 2001 +From: Andrey Utkin +Date: Tue, 11 Dec 2018 17:41:10 +0000 +Subject: [PATCH] Fix build with LibreSSL + +When using LibreSSL instead of OpenSSL, linkage of hostapd executable +fails with the following error when using some LibreSSL versions + + ../src/crypto/tls_openssl.o: In function `tls_verify_cb': + tls_openssl.c:(.text+0x1273): undefined reference to `ASN1_STRING_get0_data' + ../src/crypto/tls_openssl.o: In function `tls_connection_peer_serial_num': + tls_openssl.c:(.text+0x3023): undefined reference to `ASN1_STRING_get0_data' + collect2: error: ld returned 1 exit status + make: *** [Makefile:1278: hostapd] Error 1 + +ASN1_STRING_get0_data is present in recent OpenSSL, but absent in some +versions of LibreSSL (confirmed for version 2.6.5), so fallback needs to +be defined in this case, just like for old OpenSSL. + +This patch was inspired by similar patches to other projects, such as +spice-gtk, pjsip. + +Link: https://bugs.gentoo.org/672834 +Signed-off-by: Andrey Utkin +--- + src/crypto/tls_openssl.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c +index 608818310..cb70e2c47 100644 +--- a/src/crypto/tls_openssl.c ++++ b/src/crypto/tls_openssl.c +@@ -104,7 +104,9 @@ static size_t SSL_SESSION_get_master_key(const SSL_SESSION *session, + + #endif + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && \ ++ LIBRESSL_VERSION_NUMBER < 0x20700000L) + #ifdef CONFIG_SUITEB + static int RSA_bits(const RSA *r) + { +-- +2.20.1 + -- cgit v1.2.3