diff options
author | Anthony G. Basile <blueness@gentoo.org> | 2017-11-06 08:53:52 -0500 |
---|---|---|
committer | Anthony G. Basile <blueness@gentoo.org> | 2017-11-06 08:54:08 -0500 |
commit | 0d0139d9442980ff8b1bb9c1db112162fb108496 (patch) | |
tree | 4511962dbd96678b1fd3eca9fe1b9f0cccab37b9 /net-misc/stunnel/files | |
parent | app-text/paperwork: 1.2.1 bump (diff) | |
download | gentoo-0d0139d9442980ff8b1bb9c1db112162fb108496.tar.gz gentoo-0d0139d9442980ff8b1bb9c1db112162fb108496.tar.bz2 gentoo-0d0139d9442980ff8b1bb9c1db112162fb108496.zip |
net-misc/stunnel: version bump to 5.43
Package-Manager: Portage-2.3.8, Repoman-2.3.3
Diffstat (limited to 'net-misc/stunnel/files')
-rw-r--r-- | net-misc/stunnel/files/stunnel-5.43-compat-libressl.patch | 126 |
1 files changed, 126 insertions, 0 deletions
diff --git a/net-misc/stunnel/files/stunnel-5.43-compat-libressl.patch b/net-misc/stunnel/files/stunnel-5.43-compat-libressl.patch new file mode 100644 index 000000000000..5b015a98b610 --- /dev/null +++ b/net-misc/stunnel/files/stunnel-5.43-compat-libressl.patch @@ -0,0 +1,126 @@ +diff -Naur stunnel-5.43.orig/src/common.h stunnel-5.43/src/common.h +--- stunnel-5.43.orig/src/common.h 2017-01-02 14:27:26.000000000 +0000 ++++ stunnel-5.43/src/common.h 2017-11-06 13:42:39.940942240 +0000 +@@ -448,7 +448,7 @@ + #define OPENSSL_NO_TLS1_2 + #endif /* OpenSSL older than 1.0.1 || defined(OPENSSL_NO_TLS1) */ + +-#if OPENSSL_VERSION_NUMBER>=0x10100000L ++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + #ifndef OPENSSL_NO_SSL2 + #define OPENSSL_NO_SSL2 + #endif /* !defined(OPENSSL_NO_SSL2) */ +@@ -474,7 +474,7 @@ + #include <openssl/des.h> + #ifndef OPENSSL_NO_DH + #include <openssl/dh.h> +-#if OPENSSL_VERSION_NUMBER<0x10100000L ++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); + #endif /* OpenSSL older than 1.1.0 */ + #endif /* !defined(OPENSSL_NO_DH) */ +diff -Naur stunnel-5.43.orig/src/ctx.c stunnel-5.43/src/ctx.c +--- stunnel-5.43.orig/src/ctx.c 2017-08-17 09:18:53.000000000 +0000 ++++ stunnel-5.43/src/ctx.c 2017-11-06 13:47:55.571861529 +0000 +@@ -295,7 +295,7 @@ + + #ifndef OPENSSL_NO_DH + +-#if OPENSSL_VERSION_NUMBER<0x10100000L ++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + NOEXPORT STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx) { + return ctx->cipher_list; + } +@@ -398,7 +398,7 @@ + /**************************************** initialize OpenSSL CONF */ + + NOEXPORT int conf_init(SERVICE_OPTIONS *section) { +-#if OPENSSL_VERSION_NUMBER>=0x10002000L ++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) + SSL_CONF_CTX *cctx; + NAME_LIST *curr; + char *cmd, *param; +diff -Naur stunnel-5.43.orig/src/options.c stunnel-5.43/src/options.c +--- stunnel-5.43.orig/src/options.c 2017-10-16 18:38:47.000000000 +0000 ++++ stunnel-5.43/src/options.c 2017-11-06 13:46:18.630650320 +0000 +@@ -3656,7 +3656,7 @@ + } + #endif + /* engines can add new algorithms */ +-#if OPENSSL_VERSION_NUMBER>=0x10100000L ++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS| + OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); + #else +diff -Naur stunnel-5.43.orig/src/ssl.c stunnel-5.43/src/ssl.c +--- stunnel-5.43.orig/src/ssl.c 2017-10-07 14:23:08.000000000 +0000 ++++ stunnel-5.43/src/ssl.c 2017-11-06 13:42:39.940942240 +0000 +@@ -51,7 +51,7 @@ + int index_session_authenticated, index_session_connect_address; + + int ssl_init(void) { /* init TLS before parsing configuration file */ +-#if OPENSSL_VERSION_NUMBER>=0x10100000L ++#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | + OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_LOAD_CONFIG, NULL); + #else +@@ -87,7 +87,7 @@ + } + + #ifndef OPENSSL_NO_DH +-#if OPENSSL_VERSION_NUMBER<0x10100000L ++#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + /* this is needed for dhparam.c generated with OpenSSL >= 1.1.0 + * to be linked against the older versions */ + int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) { +diff -Naur stunnel-5.43.orig/src/sthreads.c stunnel-5.43/src/sthreads.c +--- stunnel-5.43.orig/src/sthreads.c 2017-08-17 09:18:53.000000000 +0000 ++++ stunnel-5.43/src/sthreads.c 2017-11-06 13:42:39.940942240 +0000 +@@ -216,7 +216,7 @@ + + struct CRYPTO_dynlock_value stunnel_locks[STUNNEL_LOCKS]; + +-#if OPENSSL_VERSION_NUMBER<0x10100004L ++#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER) + #define CRYPTO_THREAD_lock_new() CRYPTO_get_new_dynlockid() + #endif + +diff -Naur stunnel-5.43.orig/src/verify.c stunnel-5.43/src/verify.c +--- stunnel-5.43.orig/src/verify.c 2017-05-13 09:01:07.000000000 +0000 ++++ stunnel-5.43/src/verify.c 2017-11-06 13:46:56.317566128 +0000 +@@ -51,7 +51,7 @@ + NOEXPORT int verify_callback(int, X509_STORE_CTX *); + NOEXPORT int verify_checks(CLI *, int, X509_STORE_CTX *); + NOEXPORT int cert_check(CLI *, X509_STORE_CTX *, int); +-#if OPENSSL_VERSION_NUMBER>=0x10002000L ++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) + NOEXPORT int cert_check_subject(CLI *, X509_STORE_CTX *); + #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */ + NOEXPORT int cert_check_local(X509_STORE_CTX *); +@@ -285,7 +285,7 @@ + } + + if(depth==0) { /* additional peer certificate checks */ +-#if OPENSSL_VERSION_NUMBER>=0x10002000L ++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) + if(!cert_check_subject(c, callback_ctx)) + return 0; /* reject */ + #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */ +@@ -296,7 +296,7 @@ + return 1; /* accept */ + } + +-#if OPENSSL_VERSION_NUMBER>=0x10002000L ++#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) + NOEXPORT int cert_check_subject(CLI *c, X509_STORE_CTX *callback_ctx) { + X509 *cert=X509_STORE_CTX_get_current_cert(callback_ctx); + NAME_LIST *ptr; +@@ -353,7 +353,7 @@ + cert=X509_STORE_CTX_get_current_cert(callback_ctx); + subject=X509_get_subject_name(cert); + +-#if OPENSSL_VERSION_NUMBER<0x10100006L ++#if OPENSSL_VERSION_NUMBER<0x10100006L || defined(LIBRESSL_VERSION_NUMBER) + #define X509_STORE_CTX_get1_certs X509_STORE_get1_certs + #endif + /* modern API allows retrieving multiple matching certificates */ |