void-packages/srcpkgs/stunnel/patches/stunnel-openbsd.patch

122 lines
4.8 KiB
Diff

$OpenBSD: patch-src_verify_c,v 1.5 2016/11/10 10:10:50 gsoares Exp $
--- src/verify.c.orig Wed Jul 6 13:18:17 2016
+++ src/verify.c Thu Nov 10 07:00:09 2016
@@ -349,7 +349,7 @@ NOEXPORT int cert_check_local(X509_STORE_CTX *callback
subject=X509_get_subject_name(cert);
#if OPENSSL_VERSION_NUMBER>=0x10000000L
-#if OPENSSL_VERSION_NUMBER<0x10100006L
+#if OPENSSL_VERSION_NUMBER<0x10100006L || defined(LIBRESSL_VERSION_NUMBER)
#define X509_STORE_CTX_get1_certs X509_STORE_get1_certs
#endif
/* modern API allows retrieving multiple matching certificates */
$OpenBSD: patch-src_sthreads_c,v 1.2 2016/11/10 10:10:50 gsoares Exp $
--- src/sthreads.c.orig Sat Oct 29 05:25:37 2016
+++ src/sthreads.c Wed Nov 9 20:22:39 2016
@@ -47,7 +47,7 @@
STUNNEL_RWLOCK stunnel_locks[STUNNEL_LOCKS];
#endif
-#if OPENSSL_VERSION_NUMBER<0x10100004L
+#if OPENSSL_VERSION_NUMBER<0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
#define CRYPTO_THREAD_lock_new() CRYPTO_get_new_dynlockid()
#endif
$OpenBSD: patch-src_ssl_c,v 1.4 2016/11/09 23:14:31 gsoares Exp $
--- src/ssl.c.orig Fri Aug 5 06:39:57 2016
+++ src/ssl.c Thu Nov 3 23:50:50 2016
@@ -83,7 +83,7 @@ int ssl_init(void) { /* init SSL before parsing config
}
#ifndef OPENSSL_NO_DH
-#if OPENSSL_VERSION_NUMBER<0x10100000L
+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
/* this is needed for dhparam.c generated with OpenSSL >= 1.1.0
* to be linked against the older versions */
int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
$OpenBSD: patch-src_prototypes_h,v 1.2 2016/11/10 10:10:50 gsoares Exp $
--- src/prototypes.h.orig Sat Oct 29 05:25:37 2016
+++ src/prototypes.h Wed Nov 9 20:22:39 2016
@@ -660,13 +660,13 @@ typedef enum {
#endif /* OPENSSL_NO_DH */
STUNNEL_LOCKS /* number of locks */
} LOCK_TYPE;
-#if OPENSSL_VERSION_NUMBER < 0x10100004L
+#if OPENSSL_VERSION_NUMBER < 0x10100004L || defined(LIBRESSL_VERSION_NUMBER)
typedef int STUNNEL_RWLOCK;
#else
typedef CRYPTO_RWLOCK *STUNNEL_RWLOCK;
#endif
extern STUNNEL_RWLOCK stunnel_locks[STUNNEL_LOCKS];
-#if OPENSSL_VERSION_NUMBER>=0x10100004L
+#if OPENSSL_VERSION_NUMBER>=0x10100004L && !defined(LIBRESSL_VERSION_NUMBER)
#define CRYPTO_THREAD_read_unlock(type) CRYPTO_THREAD_unlock(type)
#define CRYPTO_THREAD_write_unlock(type) CRYPTO_THREAD_unlock(type)
#else
$OpenBSD: patch-src_options_c,v 1.7 2016/11/09 23:14:31 gsoares Exp $
use SSLv23_client_method() required to build with libressl since that it haven't
TLS_client_method() for now.
--- src/options.c.orig Fri Aug 5 06:39:57 2016
+++ src/options.c Thu Nov 3 23:13:15 2016
@@ -2617,7 +2617,7 @@ NOEXPORT char *parse_service_option(CMD cmd, SERVICE_O
/* sslVersion */
switch(cmd) {
case CMD_BEGIN:
-#if OPENSSL_VERSION_NUMBER>=0x10100000L
+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
section->client_method=(SSL_METHOD *)TLS_client_method();
section->server_method=(SSL_METHOD *)TLS_server_method();
#else
@@ -2629,7 +2629,7 @@ NOEXPORT char *parse_service_option(CMD cmd, SERVICE_O
if(strcasecmp(opt, "sslVersion"))
break;
if(!strcasecmp(arg, "all")) {
-#if OPENSSL_VERSION_NUMBER>=0x10100000L
+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
section->client_method=(SSL_METHOD *)TLS_client_method();
section->server_method=(SSL_METHOD *)TLS_server_method();
#else
$OpenBSD: patch-src_ctx_c,v 1.4 2016/11/09 23:14:31 gsoares Exp $
--- src/ctx.c.orig Tue Jun 21 12:06:14 2016
+++ src/ctx.c Thu Nov 3 23:13:15 2016
@@ -366,7 +366,7 @@ NOEXPORT int ecdh_init(SERVICE_OPTIONS *section) {
/**************************************** initialize OpenSSL CONF */
NOEXPORT int conf_init(SERVICE_OPTIONS *section) {
-#if OPENSSL_VERSION_NUMBER>=0x10002000L
+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
SSL_CONF_CTX *cctx;
NAME_LIST *curr;
char *cmd, *param;
$OpenBSD: patch-src_common_h,v 1.1 2016/11/09 23:14:31 gsoares Exp $
--- src/common.h.orig Mon Jun 27 04:29:32 2016
+++ src/common.h Thu Nov 3 23:57:29 2016
@@ -448,7 +448,7 @@ extern char *sys_errlist[];
#define OPENSSL_NO_TLS1_2
#endif /* OpenSSL older than 1.0.1 || defined(OPENSSL_NO_TLS1) */
-#if OPENSSL_VERSION_NUMBER>=0x10100000L
+#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
#ifndef OPENSSL_NO_SSL2
#define OPENSSL_NO_SSL2
#endif /* !defined(OPENSSL_NO_SSL2) */
@@ -474,7 +474,7 @@ extern char *sys_errlist[];
#include <openssl/des.h>
#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
-#if OPENSSL_VERSION_NUMBER<0x10100000L
+#if OPENSSL_VERSION_NUMBER<0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
#endif /* OpenSSL older than 1.1.0 */
#endif /* !defined(OPENSSL_NO_DH) */