summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGluzskiy Alexandr <sss@sss.chaoslab.ru>2018-03-24 06:37:29 +0300
committerGluzskiy Alexandr <sss@sss.chaoslab.ru>2018-03-24 06:37:29 +0300
commitd3d1c36316702a35f30b1f3e4f816c2410109524 (patch)
tree670ee77357723a5cfdbd0acedf74961ae6bb9e52
parent17e8c9c7857abeb35a979e2b051cd3653a4251d2 (diff)
rollback to libressl 2.6.x support instead of scm version
-rw-r--r--app-emulation/spice/spice-scm.ebuild5
-rw-r--r--net-wireless/hostapd/files/libressl.patch105
2 files changed, 1 insertions, 109 deletions
diff --git a/app-emulation/spice/spice-scm.ebuild b/app-emulation/spice/spice-scm.ebuild
index b6785c2..123d794 100644
--- a/app-emulation/spice/spice-scm.ebuild
+++ b/app-emulation/spice/spice-scm.ebuild
@@ -26,7 +26,7 @@ RDEPEND="
virtual/jpeg:0=[static-libs(+)?]
>=x11-libs/pixman-0.17.7[static-libs(+)?]
!libressl? ( dev-libs/openssl:0[static-libs(+)?] )
- libressl? ( =dev-libs/libressl-scm[static-libs(+)?] )
+ libressl? ( dev-libs/libressl[static-libs(+)?] )
lz4? ( app-arch/lz4 )
smartcard? ( >=app-emulation/libcacard-0.1.2 )
sasl? ( dev-libs/cyrus-sasl[static-libs(+)?] )
@@ -47,9 +47,6 @@ python_check_deps() {
has_version "dev-python/six[${PYTHON_USEDEP}]"
}
-PATCHES=(
- "${FILESDIR}/libressl.patch"
-)
pkg_setup() {
[[ ${MERGE_TYPE} != binary ]] && python-any-r1_pkg_setup
diff --git a/net-wireless/hostapd/files/libressl.patch b/net-wireless/hostapd/files/libressl.patch
index 6279652..c8e9644 100644
--- a/net-wireless/hostapd/files/libressl.patch
+++ b/net-wireless/hostapd/files/libressl.patch
@@ -1,112 +1,7 @@
-diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
-index b63b35e9f..2baa7bfcf 100644
---- a/src/crypto/crypto_openssl.c
-+++ b/src/crypto/crypto_openssl.c
-@@ -33,49 +33,9 @@
- #include "aes_wrap.h"
- #include "crypto.h"
-
--#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
--/* Compatibility wrappers for older versions. */
--
--static HMAC_CTX * HMAC_CTX_new(void)
--{
-- HMAC_CTX *ctx;
--
-- ctx = os_zalloc(sizeof(*ctx));
-- if (ctx)
-- HMAC_CTX_init(ctx);
-- return ctx;
--}
--
--
--static void HMAC_CTX_free(HMAC_CTX *ctx)
--{
-- if (!ctx)
-- return;
-- HMAC_CTX_cleanup(ctx);
-- bin_clear_free(ctx, sizeof(*ctx));
--}
--
-
--static EVP_MD_CTX * EVP_MD_CTX_new(void)
--{
-- EVP_MD_CTX *ctx;
-
-- ctx = os_zalloc(sizeof(*ctx));
-- if (ctx)
-- EVP_MD_CTX_init(ctx);
-- return ctx;
--}
--
--
--static void EVP_MD_CTX_free(EVP_MD_CTX *ctx)
--{
-- if (!ctx)
-- return;
-- EVP_MD_CTX_cleanup(ctx);
-- bin_clear_free(ctx, sizeof(*ctx));
--}
-
--#endif /* OpenSSL version < 1.1.0 */
-
- static BIGNUM * get_group5_prime(void)
- {
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 4413ec325..7dbbd2d8c 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
-@@ -58,50 +58,6 @@ typedef int stack_index_t;
- #endif /* OPENSSL_NO_TLSEXT */
- #endif /* SSL_set_tlsext_status_type */
-
--#if (OPENSSL_VERSION_NUMBER < 0x10100000L || \
-- defined(LIBRESSL_VERSION_NUMBER)) && \
-- !defined(BORINGSSL_API_VERSION)
--/*
-- * SSL_get_client_random() and SSL_get_server_random() were added in OpenSSL
-- * 1.1.0 and newer BoringSSL revisions. Provide compatibility wrappers for
-- * older versions.
-- */
--
--static size_t SSL_get_client_random(const SSL *ssl, unsigned char *out,
-- size_t outlen)
--{
-- if (!ssl->s3 || outlen < SSL3_RANDOM_SIZE)
-- return 0;
-- os_memcpy(out, ssl->s3->client_random, SSL3_RANDOM_SIZE);
-- return SSL3_RANDOM_SIZE;
--}
--
--
--static size_t SSL_get_server_random(const SSL *ssl, unsigned char *out,
-- size_t outlen)
--{
-- if (!ssl->s3 || outlen < SSL3_RANDOM_SIZE)
-- return 0;
-- os_memcpy(out, ssl->s3->server_random, SSL3_RANDOM_SIZE);
-- return SSL3_RANDOM_SIZE;
--}
--
--
--#ifdef OPENSSL_NEED_EAP_FAST_PRF
--static size_t SSL_SESSION_get_master_key(const SSL_SESSION *session,
-- unsigned char *out, size_t outlen)
--{
-- if (!session || session->master_key_length < 0 ||
-- (size_t) session->master_key_length > outlen)
-- return 0;
-- if ((size_t) session->master_key_length < outlen)
-- outlen = session->master_key_length;
-- os_memcpy(out, session->master_key, outlen);
-- return outlen;
--}
--#endif /* OPENSSL_NEED_EAP_FAST_PRF */
--
--#endif
-
- #if OPENSSL_VERSION_NUMBER < 0x10100000L
- #ifdef CONFIG_SUITEB
@@ -2457,12 +2413,6 @@ static int tls_set_conn_flags(struct tls_connection *conn, unsigned int flags,
else
SSL_clear_options(ssl, SSL_OP_NO_TLSv1_1);