dovecot: update to 2.2.14.
This commit is contained in:
parent
2dfcd5e144
commit
b643bf40f8
|
@ -1,33 +0,0 @@
|
|||
$OpenBSD: patch-src_lib-ssl-iostream_iostream-openssl-context_c,v 1.1 2014/07/30 14:28:24 naddy Exp $
|
||||
|
||||
Check for SSL_CTRL_SET_ECDH_AUTO macro instead of OpenSSL version number.
|
||||
|
||||
--- src/lib-ssl-iostream/iostream-openssl-context.c.orig Tue Nov 19 15:36:30 2013
|
||||
+++ src/lib-ssl-iostream/iostream-openssl-context.c Tue Jul 29 15:51:04 2014
|
||||
@@ -416,7 +416,7 @@ ssl_iostream_context_set(struct ssl_iostream_context *
|
||||
return 0;
|
||||
}
|
||||
|
||||
-#if defined(HAVE_ECDH) && OPENSSL_VERSION_NUMBER < 0x10002000L
|
||||
+#if defined(HAVE_ECDH) && !defined(SSL_CTRL_SET_ECDH_AUTO)
|
||||
static int
|
||||
ssl_proxy_ctx_get_pkey_ec_curve_name(const struct ssl_iostream_settings *set,
|
||||
int *nid_r, const char **error_r)
|
||||
@@ -446,7 +446,7 @@ ssl_proxy_ctx_set_crypto_params(SSL_CTX *ssl_ctx,
|
||||
const struct ssl_iostream_settings *set ATTR_UNUSED,
|
||||
const char **error_r ATTR_UNUSED)
|
||||
{
|
||||
-#if defined(HAVE_ECDH) && OPENSSL_VERSION_NUMBER < 0x10002000L
|
||||
+#if defined(HAVE_ECDH) && !defined(SSL_CTRL_SET_ECDH_AUTO)
|
||||
EC_KEY *ecdh;
|
||||
int nid;
|
||||
const char *curve_name;
|
||||
@@ -459,7 +459,7 @@ ssl_proxy_ctx_set_crypto_params(SSL_CTX *ssl_ctx,
|
||||
used instead of ECDHE, do not reuse the same ECDH key pair for
|
||||
different sessions. This option improves forward secrecy. */
|
||||
SSL_CTX_set_options(ssl_ctx, SSL_OP_SINGLE_ECDH_USE);
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
|
||||
+#ifdef SSL_CTRL_SET_ECDH_AUTO
|
||||
/* OpenSSL >= 1.0.2 automatically handles ECDH temporary key parameter
|
||||
selection. */
|
||||
SSL_CTX_set_ecdh_auto(ssl_ctx, 1);
|
|
@ -1,24 +0,0 @@
|
|||
$OpenBSD: patch-src_lib-ssl-iostream_iostream-openssl_c,v 1.1 2014/07/30 14:28:24 naddy Exp $
|
||||
|
||||
Fixed compiling with SSL compression disabled.
|
||||
|
||||
--- src/lib-ssl-iostream/iostream-openssl.c.orig Tue Jul 29 15:35:56 2014
|
||||
+++ src/lib-ssl-iostream/iostream-openssl.c Tue Jul 29 15:36:29 2014
|
||||
@@ -675,7 +675,7 @@ static const char *
|
||||
openssl_iostream_get_security_string(struct ssl_iostream *ssl_io)
|
||||
{
|
||||
const SSL_CIPHER *cipher;
|
||||
-#ifdef HAVE_SSL_COMPRESSION
|
||||
+#if defined(HAVE_SSL_COMPRESSION) && !defined(OPENSSL_NO_COMP)
|
||||
const COMP_METHOD *comp;
|
||||
#endif
|
||||
const char *comp_str;
|
||||
@@ -686,7 +686,7 @@ openssl_iostream_get_security_string(struct ssl_iostre
|
||||
|
||||
cipher = SSL_get_current_cipher(ssl_io->ssl);
|
||||
bits = SSL_CIPHER_get_bits(cipher, &alg_bits);
|
||||
-#ifdef HAVE_SSL_COMPRESSION
|
||||
+#if defined(HAVE_SSL_COMPRESSION) && !defined(OPENSSL_NO_COMP)
|
||||
comp = SSL_get_current_compression(ssl_io->ssl);
|
||||
comp_str = comp == NULL ? "" :
|
||||
t_strconcat(" ", SSL_COMP_get_name(comp), NULL);
|
|
@ -1,58 +0,0 @@
|
|||
Check for SSL_CTRL_SET_ECDH_AUTO macro instead of OpenSSL version number.
|
||||
Fixed compiling with SSL compression disabled.
|
||||
|
||||
Based on the existing OpenBSD patch, but updated for 2.2.13.
|
||||
|
||||
--- src/login-common/ssl-proxy-openssl.c.orig 2014-08-04 19:00:05.463014161 +0200
|
||||
+++ src/login-common/ssl-proxy-openssl.c 2014-08-04 19:02:39.069231713 +0200
|
||||
@@ -125,7 +125,7 @@ static void ssl_server_context_deinit(st
|
||||
|
||||
static void ssl_proxy_ctx_set_crypto_params(SSL_CTX *ssl_ctx,
|
||||
const struct master_service_ssl_settings *set);
|
||||
-#if defined(HAVE_ECDH) && OPENSSL_VERSION_NUMBER < 0x10002000L
|
||||
+#if defined(HAVE_ECDH) && !defined(SSL_CTRL_SET_ECDH_AUTO)
|
||||
static int ssl_proxy_ctx_get_pkey_ec_curve_name(const struct master_service_ssl_settings *set);
|
||||
#endif
|
||||
|
||||
@@ -769,7 +769,7 @@ const char *ssl_proxy_get_security_strin
|
||||
|
||||
const char *ssl_proxy_get_compression(struct ssl_proxy *proxy ATTR_UNUSED)
|
||||
{
|
||||
-#ifdef HAVE_SSL_COMPRESSION
|
||||
+#if defined(HAVE_SSL_COMPRESSION) && !defined(OPENSSL_NO_COMP)
|
||||
const COMP_METHOD *comp;
|
||||
|
||||
comp = SSL_get_current_compression(proxy->ssl);
|
||||
@@ -1024,7 +1024,7 @@ static void
|
||||
ssl_proxy_ctx_set_crypto_params(SSL_CTX *ssl_ctx,
|
||||
const struct master_service_ssl_settings *set ATTR_UNUSED)
|
||||
{
|
||||
-#if defined(HAVE_ECDH) && OPENSSL_VERSION_NUMBER < 0x10002000L
|
||||
+#if defined(HAVE_ECDH) && !defined(SSL_CTRL_SET_ECDH_AUTO)
|
||||
EC_KEY *ecdh;
|
||||
int nid;
|
||||
const char *curve_name;
|
||||
@@ -1032,12 +1032,12 @@ ssl_proxy_ctx_set_crypto_params(SSL_CTX
|
||||
if (SSL_CTX_need_tmp_RSA(ssl_ctx))
|
||||
SSL_CTX_set_tmp_rsa_callback(ssl_ctx, ssl_gen_rsa_key);
|
||||
SSL_CTX_set_tmp_dh_callback(ssl_ctx, ssl_tmp_dh_callback);
|
||||
-#ifdef HAVE_ECDH
|
||||
+#if defined(HAVE_ECDH) && !defined(SSL_CTRL_SET_ECDH_AUTO)
|
||||
/* In the non-recommended situation where ECDH cipher suites are being
|
||||
used instead of ECDHE, do not reuse the same ECDH key pair for
|
||||
different sessions. This option improves forward secrecy. */
|
||||
SSL_CTX_set_options(ssl_ctx, SSL_OP_SINGLE_ECDH_USE);
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
|
||||
+#ifdef SSL_CTRL_SET_ECDH_AUTO
|
||||
/* OpenSSL >= 1.0.2 automatically handles ECDH temporary key parameter
|
||||
selection. */
|
||||
SSL_CTX_set_ecdh_auto(ssl_ctx, 1);
|
||||
@@ -1152,7 +1152,7 @@ ssl_proxy_ctx_use_key(SSL_CTX *ctx,
|
||||
EVP_PKEY_free(pkey);
|
||||
}
|
||||
|
||||
-#if defined(HAVE_ECDH) && OPENSSL_VERSION_NUMBER < 0x10002000L
|
||||
+#if defined(HAVE_ECDH) && !defined(SSL_CTRL_SET_ECDH_AUTO)
|
||||
static int
|
||||
ssl_proxy_ctx_get_pkey_ec_curve_name(const struct master_service_ssl_settings *set)
|
||||
{
|
|
@ -1,7 +1,7 @@
|
|||
# Template file for 'dovecot'
|
||||
pkgname=dovecot
|
||||
version=2.2.13
|
||||
revision=6
|
||||
version=2.2.14
|
||||
revision=1
|
||||
build_style=gnu-configure
|
||||
configure_args="--with-moduledir=/usr/lib/dovecot/modules --with-sql=plugin
|
||||
--disable-static --with-nss --with-pam --with-mysql --with-pgsql
|
||||
|
@ -14,7 +14,7 @@ maintainer="Juan RP <xtraeme@gmail.com>"
|
|||
license="LGPL-2.1"
|
||||
homepage="http://dovecot.org"
|
||||
distfiles="${homepage}/releases/2.2/${pkgname}-${version}.tar.gz"
|
||||
checksum=133cf3d2aa81733f6688ec986c91dbe07602fad81e856ba3d8046ffca85d9dce
|
||||
checksum=68ac0fa105c6041129a1fe83ccf4915982d03d41d99054567892cc0fbd68ebf0
|
||||
|
||||
makedepends="
|
||||
zlib-devel bzip2-devel liblzma-devel libressl-devel mit-krb5-devel
|
||||
|
|
Loading…
Reference in New Issue