diff options
| author | joerg <joerg@pkgsrc.org> | 2020-04-17 00:21:17 +0000 |
|---|---|---|
| committer | joerg <joerg@pkgsrc.org> | 2020-04-17 00:21:17 +0000 |
| commit | eb05ad4778aea05268e2fad4c53e46d02dea0c3b (patch) | |
| tree | e1b6d0550af7f401310508cf7455a7d348f83288 /mail | |
| parent | ff0e8328117dededfbad977d81790eb2ca8cac51 (diff) | |
| download | pkgsrc-eb05ad4778aea05268e2fad4c53e46d02dea0c3b.tar.gz | |
Adjust for OpenSSL 1.1
Diffstat (limited to 'mail')
| -rw-r--r-- | mail/cone/distinfo | 4 | ||||
| -rw-r--r-- | mail/cone/patches/patch-tcpd_configure | 54 | ||||
| -rw-r--r-- | mail/cone/patches/patch-tcpd_libcouriertls.c | 90 |
3 files changed, 147 insertions, 1 deletions
diff --git a/mail/cone/distinfo b/mail/cone/distinfo index 3296fd6bd26..e36a6765a1f 100644 --- a/mail/cone/distinfo +++ b/mail/cone/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.11 2020/03/22 21:24:56 joerg Exp $ +$NetBSD: distinfo,v 1.12 2020/04/17 00:21:17 joerg Exp $ SHA1 (cone-0.90.tar.bz2) = 51614269ed0b8c091de4573bacefe5f394a08311 RMD160 (cone-0.90.tar.bz2) = 2b2a924d8726535654c74c9d98d7e444aff9fd5e @@ -18,3 +18,5 @@ SHA1 (patch-libmail-mboxgetmessage.C) = a46d7ee0962e89721ff75b43adcf5316aa5bda28 SHA1 (patch-libmail-mboxread.C) = 940eab3b9040d9362f816d9af4d9bcc305701ae6 SHA1 (patch-libmail-tmpaccount.C) = dbd3d7bde51e9c94b3258fcb2fca6b9077f9ad12 SHA1 (patch-libmail_addmessage.H) = 27a07ef263bd351938e658c7f8c7faed44376479 +SHA1 (patch-tcpd_configure) = eba2223ad6a62e273c8da6cfe0ba2cf141680470 +SHA1 (patch-tcpd_libcouriertls.c) = ffe6d71d7c1092c88f5ac496ee12e41d2db5e3bb diff --git a/mail/cone/patches/patch-tcpd_configure b/mail/cone/patches/patch-tcpd_configure new file mode 100644 index 00000000000..17ab82acfd3 --- /dev/null +++ b/mail/cone/patches/patch-tcpd_configure @@ -0,0 +1,54 @@ +$NetBSD: patch-tcpd_configure,v 1.1 2020/04/17 00:21:17 joerg Exp $ + +SSL_load_error_strings is no long a symbol in OpenSSL 1.1. + +--- tcpd/configure.orig 2020-04-13 20:46:43.239442081 +0000 ++++ tcpd/configure +@@ -12863,9 +12863,9 @@ else + fi + + +-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for SSL_load_error_strings in -lssl" >&5 +-$as_echo_n "checking for SSL_load_error_strings in -lssl... " >&6; } +-if ${ac_cv_lib_ssl_SSL_load_error_strings+:} false; then : ++{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for OPENSSL_init_ssl in -lssl" >&5 ++$as_echo_n "checking for OPENSSL_init_ssl in -lssl... " >&6; } ++if ${ac_cv_lib_ssl_OPENSSL_init_ssl+:} false; then : + $as_echo_n "(cached) " >&6 + else + ac_check_lib_save_LIBS=$LIBS +@@ -12879,27 +12879,27 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ + #ifdef __cplusplus + extern "C" + #endif +-char SSL_load_error_strings (); ++char OPENSSL_init_ssl (); + int + main () + { +-return SSL_load_error_strings (); ++return OPENSSL_init_ssl (); + ; + return 0; + } + _ACEOF + if ac_fn_c_try_link "$LINENO"; then : +- ac_cv_lib_ssl_SSL_load_error_strings=yes ++ ac_cv_lib_ssl_OPENSSL_init_ssl=yes + else +- ac_cv_lib_ssl_SSL_load_error_strings=no ++ ac_cv_lib_ssl_OPENSSL_init_ssl=no + fi + rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LIBS=$ac_check_lib_save_LIBS + fi +-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ssl_SSL_load_error_strings" >&5 +-$as_echo "$ac_cv_lib_ssl_SSL_load_error_strings" >&6; } +-if test "x$ac_cv_lib_ssl_SSL_load_error_strings" = xyes; then : ++{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ssl_OPENSSL_init_ssl" >&5 ++$as_echo "$ac_cv_lib_ssl_OPENSSL_init_ssl" >&6; } ++if test "x$ac_cv_lib_ssl_OPENSSL_init_ssl" = xyes; then : + have_ssl=yes + else + have_ssl=no diff --git a/mail/cone/patches/patch-tcpd_libcouriertls.c b/mail/cone/patches/patch-tcpd_libcouriertls.c new file mode 100644 index 00000000000..1c20087522f --- /dev/null +++ b/mail/cone/patches/patch-tcpd_libcouriertls.c @@ -0,0 +1,90 @@ +$NetBSD: patch-tcpd_libcouriertls.c,v 1.1 2020/04/17 00:21:17 joerg Exp $ + +Update for OpenSSL 1.1 interface. + +--- tcpd/libcouriertls.c.orig 2020-04-13 20:52:41.051633714 +0000 ++++ tcpd/libcouriertls.c +@@ -138,9 +138,9 @@ static int verifypeer(const struct tls_i + { + STACK_OF(X509) *peer_cert_chain=SSL_get_peer_cert_chain(ssl); + +- if (peer_cert_chain && peer_cert_chain->stack.num > 0) ++ if (peer_cert_chain && sk_X509_num(peer_cert_chain) > 0) + { +- X509 *xx=(X509 *)peer_cert_chain->stack.data[0]; ++ X509 *xx=sk_X509_value(peer_cert_chain, 0); + + if (xx) + subj=X509_get_subject_name(xx); +@@ -415,16 +415,15 @@ static int client_cert_cb(ssl_handle ssl + continue; + } + +- for (i=0; client_cas && i<client_cas->stack.num; i++) ++ for (i=0; client_cas && i<sk_X509_NAME_num(client_cas); i++) + { +- X509_NAME *cert=(X509_NAME *)client_cas->stack.data[i]; ++ X509_NAME *cert=sk_X509_NAME_value(client_cas, i); + +- if (X509_NAME_cmp(cert, +- x->cert_info->issuer) == 0) ++ if (X509_NAME_cmp(cert, X509_get_issuer_name(x)) == 0) + break; + } + +- if (!client_cas || i >= client_cas->stack.num) ++ if (!client_cas || i >= sk_X509_NAME_num(client_cas)) + { + BIO_free(certbio); + continue; +@@ -552,7 +551,7 @@ SSL_CTX *tls_create(int isserver, const + protocol="SSL23"; + + ctx=SSL_CTX_new(protocol && strcmp(protocol, "SSL3") == 0 +- ? SSLv3_method(): ++ ? SSLv23_method(): + protocol && strcmp(protocol, "SSL23") == 0 + ? SSLv23_method(): + TLSv1_method()); +@@ -740,8 +739,8 @@ static int cache_add(SSL *ssl, SSL_SESSI + unsigned char *ucp; + time_t timeout= (time_t)SSL_SESSION_get_time(sess) + + SSL_SESSION_get_timeout(sess); +- void *session_id=(void *)sess->session_id; +- size_t session_id_len=sess->session_id_length; ++ unsigned int session_id_len; ++ void *session_id = SSL_SESSION_get_id(sess, &session_id_len); + size_t sess_len=i2d_SSL_SESSION(sess, NULL); + + if (sizeof(timeout) + sizeof(session_id_len) + session_id_len + +@@ -851,9 +850,7 @@ static void cache_del(SSL_CTX *ctx, SSL_ + struct walk_info wi; + + wi.now=0; +- +- wi.id=(unsigned char *)sess->session_id; +- wi.id_len=sess->session_id_length; ++ wi.id = SSL_SESSION_get_id(sess, &wi.id_len); + if (tls_cache_walk(info->tlscache, del_func, &wi) < 0) + perror("ALERT: tls_cache_walk: "); + } +@@ -1360,8 +1357,8 @@ void tls_dump_connection_info(ssl_handle + } + } + +- for (i=0; peer_cert_chain && i<peer_cert_chain->stack.num; i++) +- dump_x509((X509 *)peer_cert_chain->stack.data[i], ++ for (i=0; peer_cert_chain && i<sk_X509_num(peer_cert_chain); i++) ++ dump_x509(sk_X509_value(peer_cert_chain, i), + dump_func, dump_arg); + } + +@@ -1539,7 +1536,7 @@ char *tls_cert_name(const char *buf, siz + + if (x) + { +- p=X509_NAME_oneline(x->cert_info->subject, NULL, 0); ++ p=X509_NAME_oneline(X509_get_subject_name(x), NULL, 0); + X509_free(x); + } + ERR_clear_error(); |