commit: 9f755166990850a2f869b1da92c76283e1708b5d Author: Aric Belsito <lluixhi <AT> gmail <DOT> com> AuthorDate: Thu Nov 3 08:24:42 2016 +0000 Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org> CommitDate: Thu Nov 3 19:34:50 2016 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9f755166
net-misc/openconnect: Reintroduce libressl USE. Closes: https://github.com/gentoo/gentoo/pull/2727 .../files/openconnect-7.07-libressl.patch | 77 ++++++++++++++++++++++ net-misc/openconnect/openconnect-7.06-r4.ebuild | 8 ++- ...nect-9999.ebuild => openconnect-7.07-r3.ebuild} | 16 +++-- net-misc/openconnect/openconnect-9999.ebuild | 12 ++-- 4 files changed, 102 insertions(+), 11 deletions(-) diff --git a/net-misc/openconnect/files/openconnect-7.07-libressl.patch b/net-misc/openconnect/files/openconnect-7.07-libressl.patch new file mode 100644 index 00000000..4f9d34b --- /dev/null +++ b/net-misc/openconnect/files/openconnect-7.07-libressl.patch @@ -0,0 +1,77 @@ +From d4a8afc2e8693628f2de554e717458e08bcc2fcf Mon Sep 17 00:00:00 2001 +From: Aric Belsito <llui...@gmail.com> +Date: Thu, 3 Nov 2016 11:37:23 -0700 +Subject: [PATCH] Fix LibreSSL Build. + +From Voidlinux: + +From d51ab5615e11af4a2c160b2b8240e5d9f3c15422 Mon Sep 17 00:00:00 2001 +From: Duncaen <dunc...@voidlinux.eu> +Date: Wed, 13 Jul 2016 15:21:16 +0200 +Subject: [PATCH] openconnect: update to 7.07. +--- + openssl-esp.c | 4 ++-- + openssl.c | 8 ++++---- + 2 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/openssl-esp.c b/openssl-esp.c +index 2c1aa49..bd4dce3 100644 +--- a/openssl-esp.c ++++ b/openssl-esp.c +@@ -27,7 +27,7 @@ + #include <openssl/evp.h> + #include <openssl/rand.h> + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + + #define EVP_CIPHER_CTX_free(c) do { \ + EVP_CIPHER_CTX_cleanup(c); \ +@@ -85,7 +85,7 @@ static int init_esp_ciphers(struct openconnect_info *vpninfo, struct esp *esp, + } + EVP_CIPHER_CTX_set_padding(esp->cipher, 0); + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + esp->hmac = malloc(sizeof(*esp->hmac)); + esp->pkt_hmac = malloc(sizeof(*esp->pkt_hmac)); + if (!esp->hmac || &esp->pkt_hmac) { +diff --git a/openssl.c b/openssl.c +index 785fd2a..6007cef 100644 +--- a/openssl.c ++++ b/openssl.c +@@ -36,11 +36,11 @@ + #include <openssl/ui.h> + #include <openssl/rsa.h> + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + #define X509_up_ref(x) CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_X509) + #endif + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + #define EVP_MD_CTX_new EVP_MD_CTX_create + #define EVP_MD_CTX_free EVP_MD_CTX_destroy + #define X509_STORE_CTX_get0_chain(ctx) ((ctx)->chain) +@@ -991,7 +991,7 @@ static int set_peer_cert_hash(struct openconnect_info *vpninfo) + return 0; + } + +-#if OPENSSL_VERSION_NUMBER < 0x10002000L ++#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) + static int match_hostname_elem(const char *hostname, int helem_len, + const char *match, int melem_len) + { +@@ -1653,7 +1653,7 @@ int openconnect_open_https(struct openconnect_info *vpninfo) + * 4fcdd66fff5fea0cfa1055c6680a76a4303f28a2 + * cd6bd5ffda616822b52104fee0c4c7d623fd4f53 + */ +-#if OPENSSL_VERSION_NUMBER >= 0x10001070 ++#if OPENSSL_VERSION_NUMBER >= 0x10001070 || defined(LIBRESSL_VERSION_NUMBER) + if (string_is_hostname(vpninfo->hostname)) + SSL_set_tlsext_host_name(https_ssl, vpninfo->hostname); + #endif +-- +2.10.2 + diff --git a/net-misc/openconnect/openconnect-7.06-r4.ebuild b/net-misc/openconnect/openconnect-7.06-r4.ebuild index c2727fa..101a611 100644 --- a/net-misc/openconnect/openconnect-7.06-r4.ebuild +++ b/net-misc/openconnect/openconnect-7.06-r4.ebuild @@ -18,7 +18,7 @@ SRC_URI="ftp://ftp.infradead.org/pub/${PN}/${P}.tar.gz LICENSE="LGPL-2.1 GPL-2" SLOT="0/5" KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86" -IUSE="doc +gnutls gssapi java libproxy nls smartcard static-libs stoken" +IUSE="doc +gnutls gssapi java libproxy libressl nls smartcard static-libs stoken" ILINGUAS="ar cs de el en_GB en_US es eu fi fr gl id lt nl pa pl pt pt_BR sk sl tg ug uk zh_CN zh_TW" for lang in $ILINGUAS; do IUSE="${IUSE} linguas_${lang}" @@ -27,11 +27,13 @@ done DEPEND="dev-libs/libxml2 sys-libs/zlib !gnutls? ( - >=dev-libs/openssl-1.0.1h:0[static-libs?] + !libressl? ( >=dev-libs/openssl-1.0.1h:0=[static-libs?] ) + libressl? ( dev-libs/libressl:0=[static-libs?] ) ) gnutls? ( - >=net-libs/gnutls-3:0=[static-libs?] dev-libs/nettle app-misc/ca-certificates + dev-libs/nettle + >=net-libs/gnutls-3:0=[static-libs?] ) gssapi? ( virtual/krb5 ) libproxy? ( net-libs/libproxy ) diff --git a/net-misc/openconnect/openconnect-9999.ebuild b/net-misc/openconnect/openconnect-7.07-r3.ebuild similarity index 90% copy from net-misc/openconnect/openconnect-9999.ebuild copy to net-misc/openconnect/openconnect-7.07-r3.ebuild index 4abd3db..b7ffa4e 100644 --- a/net-misc/openconnect/openconnect-9999.ebuild +++ b/net-misc/openconnect/openconnect-7.07-r3.ebuild @@ -25,16 +25,19 @@ HOMEPAGE="http://www.infradead.org/openconnect.html" LICENSE="LGPL-2.1 GPL-2" SLOT="0/5" -IUSE="doc +gnutls gssapi java libproxy lz4 nls smartcard static-libs stoken" +IUSE="doc +gnutls gssapi java libproxy libressl lz4 nls smartcard static-libs stoken" -DEPEND="dev-libs/libxml2 +DEPEND=" + dev-libs/libxml2 sys-libs/zlib !gnutls? ( - >=dev-libs/openssl-1.0.1h:0[static-libs?] + !libressl? ( >=dev-libs/openssl-1.0.1h:0=[static-libs?] ) + libressl? ( dev-libs/libressl:0=[static-libs?] ) ) gnutls? ( - >=net-libs/gnutls-3:0=[static-libs?] dev-libs/nettle app-misc/ca-certificates + dev-libs/nettle + >=net-libs/gnutls-3:0=[static-libs?] ) gssapi? ( virtual/krb5 ) libproxy? ( net-libs/libproxy ) @@ -53,6 +56,11 @@ DEPEND="${DEPEND} CONFIG_CHECK="~TUN" +PATCHES=( + "${FILESDIR}"/${P}-mimic-pulse-client.patch + "${FILESDIR}"/${P}-libressl.patch +) + pkg_pretend() { check_extra_config } diff --git a/net-misc/openconnect/openconnect-9999.ebuild b/net-misc/openconnect/openconnect-9999.ebuild index 4abd3db..7e5fb54 100644 --- a/net-misc/openconnect/openconnect-9999.ebuild +++ b/net-misc/openconnect/openconnect-9999.ebuild @@ -25,16 +25,19 @@ HOMEPAGE="http://www.infradead.org/openconnect.html" LICENSE="LGPL-2.1 GPL-2" SLOT="0/5" -IUSE="doc +gnutls gssapi java libproxy lz4 nls smartcard static-libs stoken" +IUSE="doc +gnutls gssapi java libproxy libressl lz4 nls smartcard static-libs stoken" -DEPEND="dev-libs/libxml2 +DEPEND=" + dev-libs/libxml2 sys-libs/zlib !gnutls? ( - >=dev-libs/openssl-1.0.1h:0[static-libs?] + !libressl? ( >=dev-libs/openssl-1.0.1h:0=[static-libs?] ) + libressl? ( dev-libs/libressl:0=[static-libs?] ) ) gnutls? ( - >=net-libs/gnutls-3:0=[static-libs?] dev-libs/nettle app-misc/ca-certificates + dev-libs/nettle + >=net-libs/gnutls-3:0=[static-libs?] ) gssapi? ( virtual/krb5 ) libproxy? ( net-libs/libproxy ) @@ -91,6 +94,7 @@ src_configure() { # liboath not in portage econf \ --with-vpnc-script="${EPREFIX}/etc/openconnect/openconnect.sh" \ + --without-openssl-version-check \ $(use_enable static-libs static) \ $(use_enable nls ) \ $(use_with !gnutls openssl) \