commit: ef1871cc2442b12c4b41ad04ff1635786e24e724 Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> AuthorDate: Sun Dec 2 20:34:20 2018 +0000 Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> CommitDate: Sun Dec 2 20:40:50 2018 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ef1871cc
net-voip/telepathy-gabble: Fix build with openssl-1.1 Closes: https://bugs.gentoo.org/658902 Package-Manager: Portage-2.3.52, Repoman-2.3.12 Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org> .../telepathy-gabble-0.18.4-openssl-1.1.patch | 223 +++++++++++++++++++++ .../telepathy-gabble-0.18.4-r1.ebuild | 91 +++++++++ 2 files changed, 314 insertions(+) diff --git a/net-voip/telepathy-gabble/files/telepathy-gabble-0.18.4-openssl-1.1.patch b/net-voip/telepathy-gabble/files/telepathy-gabble-0.18.4-openssl-1.1.patch new file mode 100644 index 00000000000..0e0d647b700 --- /dev/null +++ b/net-voip/telepathy-gabble/files/telepathy-gabble-0.18.4-openssl-1.1.patch @@ -0,0 +1,223 @@ +From 68e7fb2f17dd9348e586ef676d8138c4b849a1ce Mon Sep 17 00:00:00 2001 +From: Roel Aaij <roel.a...@nikhef.nl> +Date: Fri, 26 Oct 2018 15:01:37 +0200 +Subject: [PATCH] openssl: fix build with openssl >= 1.1.0 + +--- + wocky/wocky-openssl-dh1024.c | 10 ++++++++++ + wocky/wocky-openssl-dh2048.c | 10 ++++++++++ + wocky/wocky-openssl-dh4096.c | 10 ++++++++++ + wocky/wocky-openssl-dh512.c | 10 ++++++++++ + wocky/wocky-openssl.c | 38 ++++++++++++++++++++++++++++++++---- + 5 files changed, 74 insertions(+), 4 deletions(-) + +diff --git a/lib/ext/wocky/wocky/wocky-openssl-dh1024.c b/lib/ext/wocky/wocky/wocky-openssl-dh1024.c +index b77fb4c..bb50523 100644 +--- a/lib/ext/wocky/wocky/wocky-openssl-dh1024.c ++++ b/lib/ext/wocky/wocky/wocky-openssl-dh1024.c +@@ -25,11 +25,21 @@ DH *get_dh1024(void) + 0x02, + }; + DH *dh; ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ int r = 0; ++#endif + + if ((dh=DH_new()) == NULL) return(NULL); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ r = DH_set0_pqg(dh, BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL), ++ NULL, BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL)); ++ if (!r) ++ { DH_free(dh); return(NULL); } ++#else + dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL); + dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL); + if ((dh->p == NULL) || (dh->g == NULL)) + { DH_free(dh); return(NULL); } ++#endif + return(dh); + } +diff --git a/lib/ext/wocky/wocky/wocky-openssl-dh2048.c b/lib/ext/wocky/wocky/wocky-openssl-dh2048.c +index c16deb7..d53ceda 100644 +--- a/lib/ext/wocky/wocky/wocky-openssl-dh2048.c ++++ b/lib/ext/wocky/wocky/wocky-openssl-dh2048.c +@@ -36,11 +36,21 @@ DH *get_dh2048(void) + 0x02, + }; + DH *dh; ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ int r = 0; ++#endif + + if ((dh=DH_new()) == NULL) return(NULL); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ r = DH_set0_pqg(dh, BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL), ++ NULL, BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL)); ++ if (!r) ++ { DH_free(dh); return(NULL); } ++#else + dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); + dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); + if ((dh->p == NULL) || (dh->g == NULL)) + { DH_free(dh); return(NULL); } ++#endif + return(dh); + } +diff --git a/lib/ext/wocky/wocky/wocky-openssl-dh4096.c b/lib/ext/wocky/wocky/wocky-openssl-dh4096.c +index 2854385..93fa7e5 100644 +--- a/lib/ext/wocky/wocky/wocky-openssl-dh4096.c ++++ b/lib/ext/wocky/wocky/wocky-openssl-dh4096.c +@@ -57,11 +57,21 @@ DH *get_dh4096(void) + 0x02, + }; + DH *dh; ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ int r = 0; ++#endif + + if ((dh=DH_new()) == NULL) return(NULL); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ r = DH_set0_pqg(dh, BN_bin2bn(dh4096_p,sizeof(dh4096_p),NULL), ++ NULL, BN_bin2bn(dh4096_g,sizeof(dh4096_g),NULL)); ++ if (!r) ++ { DH_free(dh); return(NULL); } ++#else + dh->p=BN_bin2bn(dh4096_p,sizeof(dh4096_p),NULL); + dh->g=BN_bin2bn(dh4096_g,sizeof(dh4096_g),NULL); + if ((dh->p == NULL) || (dh->g == NULL)) + { DH_free(dh); return(NULL); } ++#endif + return(dh); + } +diff --git a/lib/ext/wocky/wocky/wocky-openssl-dh512.c b/lib/ext/wocky/wocky/wocky-openssl-dh512.c +index 8e7a278..c2891cd 100644 +--- a/lib/ext/wocky/wocky/wocky-openssl-dh512.c ++++ b/lib/ext/wocky/wocky/wocky-openssl-dh512.c +@@ -20,11 +20,21 @@ DH *get_dh512(void) + 0x02, + }; + DH *dh; ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ int r = 0; ++#endif + + if ((dh=DH_new()) == NULL) return(NULL); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ r = DH_set0_pqg(dh, BN_bin2bn(dh512_p,sizeof(dh512_p),NULL), ++ NULL, BN_bin2bn(dh512_g,sizeof(dh512_g),NULL)); ++ if (!r) ++ { DH_free(dh); return(NULL); } ++#else + dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL); + dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL); + if ((dh->p == NULL) || (dh->g == NULL)) + { DH_free(dh); return(NULL); } ++#endif + return(dh); + } +diff --git a/lib/ext/wocky/wocky/wocky-openssl.c b/lib/ext/wocky/wocky/wocky-openssl.c +index 2201213..18f9981 100644 +--- a/lib/ext/wocky/wocky/wocky-openssl.c ++++ b/lib/ext/wocky/wocky/wocky-openssl.c +@@ -885,7 +885,11 @@ check_peer_name (const char *target, X509 *cert) + int i; + gboolean rval = FALSE; + X509_NAME *subject = X509_get_subject_name (cert); +- X509_CINF *ci = cert->cert_info; ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ const STACK_OF(X509_EXTENSION)* extensions = X509_get0_extensions(cert); ++#else ++ const STACK_OF(X509_EXTENSION)* extensions = cert->cert_info->extensions; ++#endif + static const long nid[] = { NID_commonName, NID_subject_alt_name, NID_undef }; + + /* first, see if the x509 name contains the info we want: */ +@@ -906,16 +910,21 @@ check_peer_name (const char *target, X509 *cert) + * and extract the subject_alt_name from the x509 v3 extensions: if that * + * extension is present, and a string, use that. If it is present, and * + * a multi-value stack, trawl it for the "DNS" entry and use that */ +- if (!rval && (ci->extensions != NULL)) +- for (i = 0; i < sk_X509_EXTENSION_num(ci->extensions) && !rval; i++) ++ if (!rval && (extensions != NULL)) ++ for (i = 0; i < sk_X509_EXTENSION_num(extensions) && !rval; i++) + { +- X509_EXTENSION *ext = sk_X509_EXTENSION_value (ci->extensions, i); ++ X509_EXTENSION *ext = sk_X509_EXTENSION_value (extensions, i); + ASN1_OBJECT *obj = X509_EXTENSION_get_object (ext); + X509V3_EXT_METHOD *convert = NULL; + long ni = OBJ_obj2nid (obj); + const guchar *p; + char *value = NULL; ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ const ASN1_OCTET_STRING* ext_value = X509_EXTENSION_get_data(ext); ++ int len = ASN1_STRING_length(ext_value); ++#else + int len = ext->value->length; ++#endif + void *ext_str = NULL; + + if (ni != NID_subject_alt_name) +@@ -927,7 +936,11 @@ check_peer_name (const char *target, X509 *cert) + if ((convert = (X509V3_EXT_METHOD *) X509V3_EXT_get (ext)) == NULL) + continue; + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ p = ASN1_STRING_get0_data(ext_value); ++#else + p = ext->value->data; ++#endif + ext_str = ((convert->it != NULL) ? + ASN1_item_d2i (NULL, &p, len, ASN1_ITEM_ptr(convert->it)) : + convert->d2i (NULL, &p, len) ); +@@ -1120,13 +1133,22 @@ _cert_status (WockyTLSSession *session, + X509_STORE *store = SSL_CTX_get_cert_store(session->ctx); + X509 *cert = SSL_get_peer_certificate (session->ssl); + STACK_OF(X509) *chain = SSL_get_peer_cert_chain (session->ssl); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ X509_VERIFY_PARAM* param = X509_STORE_get0_param(store); ++ long old_flags = X509_VERIFY_PARAM_get_flags(param); ++#else + long old_flags = store->param->flags; ++#endif + long new_flags = old_flags; + DEBUG("No CRL available, but not in strict mode - re-verifying"); + + new_flags &= ~(X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL); + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ X509_VERIFY_PARAM_set_flags(param, new_flags); ++#else + store->param->flags = new_flags; ++#endif + X509_STORE_CTX_init (xctx, store, cert, chain); + X509_STORE_CTX_set_flags (xctx, new_flags); + +@@ -1136,7 +1158,11 @@ _cert_status (WockyTLSSession *session, + status = _cert_status (session, new_code, level, ssl_code); + } + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ X509_VERIFY_PARAM_set_flags(param, old_flags); ++#else + store->param->flags = old_flags; ++#endif + X509_STORE_CTX_free (xctx); + X509_free (cert); + +@@ -1675,12 +1701,16 @@ wocky_tls_session_init (WockyTLSSession *session) + + if G_UNLIKELY (g_once_init_enter (&initialised)) + { ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ DEBUG ("initialising SSL library and error strings"); ++#else + gint malloc_init_succeeded; + + DEBUG ("initialising SSL library and error strings"); + + malloc_init_succeeded = CRYPTO_malloc_init (); + g_warn_if_fail (malloc_init_succeeded); ++#endif + + SSL_library_init (); + SSL_load_error_strings (); diff --git a/net-voip/telepathy-gabble/telepathy-gabble-0.18.4-r1.ebuild b/net-voip/telepathy-gabble/telepathy-gabble-0.18.4-r1.ebuild new file mode 100644 index 00000000000..fee27c8404b --- /dev/null +++ b/net-voip/telepathy-gabble/telepathy-gabble-0.18.4-r1.ebuild @@ -0,0 +1,91 @@ +# Copyright 1999-2018 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +# Python is used during build for some scripted source files generation (and twisted tests) +PYTHON_COMPAT=( python2_7 ) + +inherit gnome2 python-any-r1 + +DESCRIPTION="A XMPP connection manager, handles single and multi user chats and voice calls" +HOMEPAGE="https://telepathy.freedesktop.org/"; +SRC_URI="https://telepathy.freedesktop.org/releases/${PN}/${P}.tar.gz"; + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-linux" +IUSE="gnutls +jingle libressl plugins test" + +# Prevent false positives due nested configure +QA_CONFIGURE_OPTIONS=".*" + +# FIXME: missing sasl-2 for tests ? (automagic) +# missing libiphb for wocky ? +# x11-libs/gtksourceview:3.0 needed by telepathy-gabble-xmpp-console, bug #495184 +# Keep in mind some deps or higher minimum versions are in ext/wocky/configure.ac +RDEPEND=" + >=dev-libs/glib-2.44:2 + >=sys-apps/dbus-1.1.0 + >=dev-libs/dbus-glib-0.82 + >=net-libs/telepathy-glib-0.19.9 + + dev-libs/libxml2 + dev-db/sqlite:3 + + gnutls? ( >=net-libs/gnutls-2.10.2 ) + !gnutls? ( + libressl? ( dev-libs/libressl:0= ) + !libressl? ( >=dev-libs/openssl-0.9.8g:0=[-bindist] ) + ) + jingle? ( + >=net-libs/libsoup-2.42 + >=net-libs/libnice-0.0.11 ) + plugins? ( x11-libs/gtksourceview:3.0[introspection] ) + + !<net-im/telepathy-mission-control-5.5.0 +" +DEPEND="${RDEPEND} + ${PYTHON_DEPS} + dev-util/glib-utils + >=dev-util/gtk-doc-am-1.17 + dev-libs/libxslt + virtual/pkgconfig +" +# Twisted tests fail if bad ipv6 setup, upstream bug #30565 +# Random twisted tests fail with org.freedesktop.DBus.Error.NoReply for some reason +# pygobject:2 is needed by twisted-17 for gtk2reactor usage by gabble +#test? ( +# dev-python/pygobject:2 +# || ( +# >=dev-python/twisted-16.0.0 +# ( >=dev-python/twisted-core-0.8.2 +# >=dev-python/twisted-words-0.8.2 +# >=dev-python/dbus-python-0.83 +# ) ) +#) + +PATCHES=( + "${FILESDIR}"/${P}-build-fix-no-jingle.patch # build with USE=-jingle, bug #523230 + "${FILESDIR}"/${P}-openssl-1.1.patch # bug #658902 +) + +pkg_setup() { + python-any-r1_pkg_setup +} + +src_configure() { + gnome2_src_configure \ + --disable-coding-style-checks \ + --disable-static \ + --disable-Werror \ + --enable-file-transfer \ + $(use_enable jingle voip) \ + $(use_enable jingle google-relay) \ + $(use_enable plugins) \ + --with-tls=$(usex gnutls gnutls openssl) +} + +src_test() { + # This runs only C tests (see tests/README): + emake -C tests check-TESTS +}
