commit: 99c73595289f56a343b84158a639a8115aa84220 Author: orbea <orbea <AT> riseup <DOT> net> AuthorDate: Thu May 4 22:57:53 2023 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Fri May 5 04:41:57 2023 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=99c73595
sys-cluster/keepalived: add upstream libressl patch This patch was accepted upstream and fixes the build with LibreSSL which doesn't yet have the SSL_set0_wbio() function and this is solved by adding a configure check. Bug: https://bugs.gentoo.org/903001 Upstream-PR: https://github.com/acassen/keepalived/pull/2124 Upstream-Commit: https://github.com/acassen/keepalived/commit/bbec15d4781670ac1be5e543cb04543f79200e69 Upstream-PR: https://github.com/acassen/keepalived/pull/2130 Upstream-Commit: https://github.com/acassen/keepalived/commit/5cb40301f5cd8fbedbb756cd3d838def7293e0bd Upstream-Issue: https://github.com/libressl/portable/issues/838 Signed-off-by: orbea <orbea <AT> riseup.net> Signed-off-by: Sam James <sam <AT> gentoo.org> .../files/keepalived-2.2.7-libressl.patch | 67 ++++++++++++++++++++++ sys-cluster/keepalived/keepalived-2.2.7.ebuild | 6 +- 2 files changed, 72 insertions(+), 1 deletion(-) diff --git a/sys-cluster/keepalived/files/keepalived-2.2.7-libressl.patch b/sys-cluster/keepalived/files/keepalived-2.2.7-libressl.patch new file mode 100644 index 000000000000..e6d4df49a8cb --- /dev/null +++ b/sys-cluster/keepalived/files/keepalived-2.2.7-libressl.patch @@ -0,0 +1,67 @@ +https://bugs.gentoo.org/903001 +https://github.com/acassen/keepalived/pull/2124 +https://github.com/acassen/keepalived/commit/bbec15d4781670ac1be5e543cb04543f79200e69 +https://github.com/acassen/keepalived/pull/2130 +https://github.com/acassen/keepalived/commit/5cb40301f5cd8fbedbb756cd3d838def7293e0bd + +From bbec15d4781670ac1be5e543cb04543f79200e69 Mon Sep 17 00:00:00 2001 +From: Fabrice Fontaine <[email protected]> +Date: Tue, 12 Apr 2022 20:30:57 +0200 +Subject: [PATCH] fix build with libressl + +SSL_set0_rbio is provided by libressl since version 3.4.0 and +https://github.com/libressl-portable/openbsd/commit/c99939f9665a9c3c648682b4987df46600b70efc +but SSL_set0_wbio is not provided resulting in the following build +failure: + +/nvmedata/autobuild/instance-9/output-1/host/lib/gcc/s390x-buildroot-linux-gnu/10.3.0/../../../../s390x-buildroot-linux-gnu/bin/ld: check/libcheck.a(check_ssl.o): in function `ssl_connect': +check_ssl.c:(.text+0x7da): undefined reference to `SSL_set0_wbio' + +Fixes: + - http://autobuild.buildroot.org/results/76f72a3c7350ea265e2277c89d68e5256410e94c + +Signed-off-by: Fabrice Fontaine <[email protected]> +--- + configure.ac | 2 +- + keepalived/check/check_ssl.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +From 5cb40301f5cd8fbedbb756cd3d838def7293e0bd Mon Sep 17 00:00:00 2001 +From: Quentin Armitage <[email protected]> +Date: Mon, 18 Apr 2022 09:52:47 +0100 +Subject: [PATCH] Check for both SSL_set0_rbio and SSL_set0_wbio + +This updates commit bbec15d - "fix build with libressl" + +Signed-off-by: Quentin Armitage <[email protected]> +--- + configure.ac | 2 +- + keepalived/check/check_ssl.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 350a9f4e..91f90afe 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1327,7 +1327,7 @@ AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ + AC_CHECK_FUNCS([SSL_CTX_set_verify_depth]) + + # SSL_set0_rbio(), SSL_set0_wbio() OPENSSL_init_crypto() and TLS_method() introduced OpenSSL v1.1.0 +-AC_CHECK_FUNCS([SSL_set0_rbio OPENSSL_init_crypto TLS_method]) ++AC_CHECK_FUNCS([SSL_set0_rbio SSL_set0_wbio OPENSSL_init_crypto TLS_method]) + + # In OpenSSL v1.1.1 the call to SSL_CTX_new() fails if OPENSSL_init_crypto() has been called with + # OPENSSL_INIT_NO_LOAD_CONFIG. It does not fail in v1.1.0h and v1.1.1b. +diff --git a/keepalived/check/check_ssl.c b/keepalived/check/check_ssl.c +index 0155fce5..1a5c2acb 100644 +--- a/keepalived/check/check_ssl.c ++++ b/keepalived/check/check_ssl.c +@@ -234,7 +234,7 @@ ssl_connect(thread_ref_t thread, int new_req) + BIO_get_fd(req->bio, &bio_fd); + if (fcntl(bio_fd, F_SETFD, fcntl(bio_fd, F_GETFD) | FD_CLOEXEC) == -1) + log_message(LOG_INFO, "Setting CLOEXEC failed on ssl socket - errno %d", errno); +-#ifdef HAVE_SSL_SET0_RBIO ++#if defined HAVE_SSL_SET0_RBIO && defined HAVE_SSL_SET0_WBIO + BIO_up_ref(req->bio); + SSL_set0_rbio(req->ssl, req->bio); + SSL_set0_wbio(req->ssl, req->bio); diff --git a/sys-cluster/keepalived/keepalived-2.2.7.ebuild b/sys-cluster/keepalived/keepalived-2.2.7.ebuild index ae169adf481b..4c9febd8522b 100644 --- a/sys-cluster/keepalived/keepalived-2.2.7.ebuild +++ b/sys-cluster/keepalived/keepalived-2.2.7.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2022 Gentoo Authors +# Copyright 1999-2023 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 @@ -36,6 +36,10 @@ DOCS=( doc/keepalived.conf.SYNOPSIS doc/NOTE_vrrp_vmac.txt ) +PATCHES=( + "${FILESDIR}"/${P}-libressl.patch #903001 +) + src_prepare() { default eautoreconf
